June 7, 2018 - In 2008, a spreadsheet containing the names and personal information of 9,000 LabMD customers was supposedly discovered on a file-sharing network. We say supposedly because the company that made the discovery also sold data security products. And according to the CEO of LabMD, when LabMD refused to purchase their products, the data breach was reported to the FTC. Five years later, the FTC forced LabMD to enter into a consent decree which required the company to upgrade its data security and to submit to government monitoring of its data security for the next 20 years. Now, the 11th Circuit Court of Appeals has thrown out that consent decree in a ruling that is likely to affect other companies.
The court agreed with the FTC that LabMD had some significant issues with data security. The problem with their settlement was that it gave absolutely no specifics on what LabMD needed to do to correct those issues. The ruling noted that the order against LabMD "does not enjoin a specific act or practice. Instead, it mandates a complete overhaul of LabMD's data security program and says precious little about how this is to be accomplished."
The ruling doesn't prevent the FTC from issuing future orders on data security, but it does suggest that any future orders without a specific plan of action might not be worth the paper they are written on. It also suggests that any company currently facing a similar situation should consider a court appeal of those orders, and that it would have a reasonable chance of emerging from the appeal process victorious.
ACCESS urges the FTC to become more specific in its data security orders. Not doing so may leave the agency powerless when it comes to dealing with certain data breaches. As for LabMD, the company's victory may be a hollow one. The company is no longer in business.
by Jim Malmberg