D-Link Enforcement Action Inspires New Challenge to FTC’s Jurisdiction Over Data Security

wimmer-kurtskeath-calebGuest Commentary

By Kurt Wimmer, a Partner, and Caleb Skeath, an Associate, with Covington & Burling LLP

The Federal Trade Commission (FTC) has commenced a new data security enforcement action, alleging that security weaknesses in D-Link’s routers and webcams violated Section 5 of the FTC Act.  The complaint highlights many of the FTC’s data security best practices, as examined in Washington Legal Foundation’s recent Working Paper, but also highlights new data security issues that the FTC has not previously referenced in its data security enforcement actions.  Unlike most FTC data security enforcement targets, D-Link has chosen to defend against the complaint instead of entering into a settlement agreement—and the FTC has decided to file its complaint against D-Link in federal court.  This action sets the stage for the next in a recent line of cases challenging the FTC’s data security enforcement authority.  Continue reading “D-Link Enforcement Action Inspires New Challenge to FTC’s Jurisdiction Over Data Security”