Unreasonable security measures can subject a company to fines from the U.S. Federal Trade Commission and place it at risk of a data breach. For both of these reasons, a company must take care to ensure the security measures it implements are reasonable. But the FTC does not provide a definition of “reasonable security.” In this piece for Privacy Perspectives, former IAPP Legal Extern Bailey Sanchez looks at how organizations have come to define reasonable security via past FTC orders and legal developments on the state level.
Full Story
Comments
If you want to comment on this post, you need to login.