Popular Media

Gap-Filler or Over-Regulator?: An Empirical Analysis of the FTC’s ‘Common Law’ of Data Security

Commissioner Brill and a few academics  have described the FTC’s data security settlements as developing a “common law” of data security. It is not readily apparent, however, that the over 50 independent complaints and settlement agreements between the FTC and particular companies amounts to what is traditionally understood as the common law. Moreover, because the FTC’s enforcement and adjudication process differs so substantially from traditional civil adjudication, even if the FTC’s data security settlements have certain common law characteristics, it is likely that the content of the FTC’s data security law differs substantially from what would emerge in a traditional common law process.

Download the paper: L&E of Data Security – CONFERENCE