The U.S. Federal Trade Commission announced an enforcement action against online alcohol marketplace Drizly and its CEO James Cory Rellas related to data security issues that led to a 2020 data breach involving 2.5 million customers. The order calls on Drizly to destroy unnecessary data and requires implementation of data minimization and information security programs. Rellas will be bound to the enforcement action in any new position or venture beyond Drizly. FTC Bureau of Consumer Protection Director Samuel Levine said the order not only "restricts what the company can retain and collect going forward," it ensures the CEO "faces consequences for the company’s carelessness."
25 Oct. 2022
FTC issues order against Drizly, CEO over 2020 breach
RELATED STORIES
Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
A view from Brussels: European Commission's new tech policy center of gravity
First fine imposed under Thailand's Personal Data Protection Act