超越“合理”:澄清联邦贸易委员会在数据安全执法行动中对其不公平权力的使用

IF 1 3区 社会学 Q2 LAW Fordham Law Review Pub Date : 2016-02-04 DOI:10.2139/SSRN.2727818
T. Deal
{"title":"超越“合理”:澄清联邦贸易委员会在数据安全执法行动中对其不公平权力的使用","authors":"T. Deal","doi":"10.2139/SSRN.2727818","DOIUrl":null,"url":null,"abstract":"Data security breaches, which compromise private consumer information, seem to be an ever-increasing threat. To stem this tide, the Federal Trade Commission (FTC) has been using its authority to enforce the prohibition against unfair business practices under Section 5 of the Federal Trade Commission Act (Section 5) to hold companies accountable when they fail to employ data security measures that could prevent breaches. Specifically, the FTC brings enforcement actions where it finds that companies have failed to implement “reasonable” data security measures. However, companies and scholars argue that the FTC has not provided adequate notice of what data security practices it considers “reasonable” for the purposes of Section 5.This Note first explains and critically analyzes several existing proposals that seek to bring clarity to the FTC’s application of its unfairness authority in the data security context. Then, this Note proposes a novel solution that encourages the FTC to explicitly outline its minimum data security requirements via nonlegislative rulemaking. Additionally, this Note contends that any FTC rulemaking should incorporate a principle of proportionality to ensure that companies know what data security measures they should implement based on the relative sensitivity of the consumer data that they retain. Lastly, this Note suggests that the FTC should also incorporate a safe harbor provision so that compliant companies know that, by following the FTC’s guidelines, they will be immune from Section 5 enforcement actions.","PeriodicalId":47517,"journal":{"name":"Fordham Law Review","volume":null,"pages":null},"PeriodicalIF":1.0000,"publicationDate":"2016-02-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Moving Beyond 'Reasonable': Clarifying the FTC's Use of Its Unfairness Authority in Data Security Enforcement Actions\",\"authors\":\"T. Deal\",\"doi\":\"10.2139/SSRN.2727818\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Data security breaches, which compromise private consumer information, seem to be an ever-increasing threat. To stem this tide, the Federal Trade Commission (FTC) has been using its authority to enforce the prohibition against unfair business practices under Section 5 of the Federal Trade Commission Act (Section 5) to hold companies accountable when they fail to employ data security measures that could prevent breaches. Specifically, the FTC brings enforcement actions where it finds that companies have failed to implement “reasonable” data security measures. However, companies and scholars argue that the FTC has not provided adequate notice of what data security practices it considers “reasonable” for the purposes of Section 5.This Note first explains and critically analyzes several existing proposals that seek to bring clarity to the FTC’s application of its unfairness authority in the data security context. Then, this Note proposes a novel solution that encourages the FTC to explicitly outline its minimum data security requirements via nonlegislative rulemaking. Additionally, this Note contends that any FTC rulemaking should incorporate a principle of proportionality to ensure that companies know what data security measures they should implement based on the relative sensitivity of the consumer data that they retain. Lastly, this Note suggests that the FTC should also incorporate a safe harbor provision so that compliant companies know that, by following the FTC’s guidelines, they will be immune from Section 5 enforcement actions.\",\"PeriodicalId\":47517,\"journal\":{\"name\":\"Fordham Law Review\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.0000,\"publicationDate\":\"2016-02-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Fordham Law Review\",\"FirstCategoryId\":\"90\",\"ListUrlMain\":\"https://doi.org/10.2139/SSRN.2727818\",\"RegionNum\":3,\"RegionCategory\":\"社会学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"LAW\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Fordham Law Review","FirstCategoryId":"90","ListUrlMain":"https://doi.org/10.2139/SSRN.2727818","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"LAW","Score":null,"Total":0}
引用次数: 1

摘要

泄露消费者私人信息的数据安全漏洞似乎是一个日益严重的威胁。为了遏制这一趋势,联邦贸易委员会(FTC)一直在利用其权力,根据《联邦贸易委员会法》(Federal Trade Commission Act,简称FTC)第5条,对不公平的商业行为实施禁令,要求那些未能采取数据安全措施防止违规行为的公司承担责任。具体来说,联邦贸易委员会会在发现公司未能实施“合理的”数据安全措施时采取执法行动。然而,公司和学者们认为,联邦贸易委员会没有提供足够的通知,说明它认为哪些数据安全实践对于第5条的目的是“合理的”。本说明首先解释并批判性地分析了几个现有的提案,这些提案旨在明确联邦贸易委员会在数据安全背景下对其不公平权力的应用。然后,本说明提出了一个新颖的解决方案,鼓励联邦贸易委员会通过非立法规则制定明确概述其最低数据安全要求。此外,本说明认为,任何联邦贸易委员会的规则制定都应纳入相称性原则,以确保公司知道他们应该根据他们所保留的消费者数据的相对敏感性实施哪些数据安全措施。最后,本说明建议联邦贸易委员会还应纳入安全港条款,以便合规公司知道,通过遵循联邦贸易委员会的指导方针,它们将免于第5条的执法行动。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Moving Beyond 'Reasonable': Clarifying the FTC's Use of Its Unfairness Authority in Data Security Enforcement Actions
Data security breaches, which compromise private consumer information, seem to be an ever-increasing threat. To stem this tide, the Federal Trade Commission (FTC) has been using its authority to enforce the prohibition against unfair business practices under Section 5 of the Federal Trade Commission Act (Section 5) to hold companies accountable when they fail to employ data security measures that could prevent breaches. Specifically, the FTC brings enforcement actions where it finds that companies have failed to implement “reasonable” data security measures. However, companies and scholars argue that the FTC has not provided adequate notice of what data security practices it considers “reasonable” for the purposes of Section 5.This Note first explains and critically analyzes several existing proposals that seek to bring clarity to the FTC’s application of its unfairness authority in the data security context. Then, this Note proposes a novel solution that encourages the FTC to explicitly outline its minimum data security requirements via nonlegislative rulemaking. Additionally, this Note contends that any FTC rulemaking should incorporate a principle of proportionality to ensure that companies know what data security measures they should implement based on the relative sensitivity of the consumer data that they retain. Lastly, this Note suggests that the FTC should also incorporate a safe harbor provision so that compliant companies know that, by following the FTC’s guidelines, they will be immune from Section 5 enforcement actions.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
1.10
自引率
12.50%
发文量
0
期刊介绍: The Fordham Law Review is a scholarly journal serving the legal profession and the public by discussing current legal issues. Approximately 75 articles, written by students or submitted by outside authors, are published each year. Each volume comprises six books, three each semester, totaling over 3,000 pages. Managed by a board of up to eighteen student editors, the Law Review is a working journal, not merely an honor society. Nevertheless, Law Review membership is considered among the highest scholarly achievements at the Law School.
期刊最新文献
Using a Hybrid Securities Test to Tackle the Problem of Pyramid Fraud Resurrecting Free Speech Managing the Misinformation Marketplace: The First Amendment and the Fight Against Fake News Airbnb in New York City: whose privacy rights are threatened by a Government Data grab? Free money, but not tax-free: a proposal for the tax treatment of cryptocurrency hard forks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1