The FTC announced two data security actions: one against a computer company in connection with an unsecured website, and the other against a mortgage broker for inadequate disposal practices. Both cases - and indeed, the FTC’s frequent activity in this area, as well as increased state regulation - make clear that businesses cannot ignore applicable responsibilities to protect personal data in their control. This article summarizes these new case developments and outlines proactive efforts that businesses can take to reduce their risk of becoming the next target.

Early 2009 Shows Active FTC Data Security Enforcement; No Room For Lax Safeguards