FTC to Host Informational Injury Workshop to Examine Injuries Suffered when Consumer Information Misused

FTC-Header-2017

Written By ESR News Blog Editor Thomas Ahearn

The Federal Trade Commission (FTC) – the nation’s primary federal privacy and data security enforcement agency – has announced that it will host a “Informational Injury Workshop” in order to examine questions about injuries consumers suffer when their information is misused on December 12, 2017, according to an FTC press release.

The FTC workshop – which is free and open to the public – will be held at the Constitution Center, 400 7th St., SW, Washington, D.C. and will be webcast live on the FTC website. Registration information, an agenda, directions to the Constitution Center building, and a list of speakers will be available in the near future on the event webpage.

The FTC workshop will address questions such as how to best characterize informational injuries, how to accurately measure such injuries and their prevalence, and what factors businesses and consumers consider when evaluating the tradeoffs involved in collecting, using, or providing information while potentially increasing exposure to injuries.

The FTC has brought more than 500 privacy and data security-related cases, which have focused on deceptive and unfair business practices that cause or are likely to cause consumer injury. To help assist the FTC’s analysis of the topic of informational injury in the workshop, the FTC is seeking comment on a range of issues including:

  • What are the qualitatively different types of injuries from privacy and data security incidents?
  • What frameworks might we use to assess these different injuries? How do we quantify injuries?
  • How do businesses evaluate the benefits, costs, and risks of collecting and using consumer information in light of potential injuries? How do consumers evaluate the benefits, costs, and risks of sharing information in light of potential injuries?

“This workshop is aimed at helping us to better identify and measure the consumer injuries that may result from the misuse of information about consumers,” Acting FTC Chairman Maureen K. Ohlhausen stated in the press release. She also said collection and use of consumer information carries some risk “when that information is misused.”

A full list of questions and information about how to submit comments can be found in the detailed public notice about the informational injury workshop. The deadline for submitting comments is October 27, 2017. More information about the FTC – which works to protect and educate consumers – can be found at www.ftc.gov.

In August 2017, ESR News reported that Uber Technologies agreed to settle FTC charges over deceptive privacy and data security claims that the ride-sharing company “deceived consumers by failing to monitor employee access to consumer personal information and by failing to reasonably secure sensitive consumer data stored in the cloud.”

The FTC complaint against Uber claimed the San Francisco-based firm – despite claims that consumer data was “securely stored within our databases” – failed to closely monitor employee access to consumer and driver data and deploy reasonable measures to secure personal information stored on a third-party cloud provider’s servers.

In September 2017, ESR News reported that three companies agreed to settle FTC charges that they misled consumers about their participation in the EU-U.S. Privacy Shield Framework that was designed to allow companies to transfer consumer data from the European Union (EU) to the United States (U.S.) in compliance with EU law.

Although the decision to join Privacy Shield is voluntary, the public commitment by an organization to comply with Privacy Shield Principles through self-certification is enforceable under U.S. law by either the FTC or the U.S. Department of Transportation (DOT). The official Privacy Shield Framework website is at www.privacyshield.gov.

ESR Re-Certifies EU-U.S. Privacy Shield Enforced by FTC

Employment Screening Resources® (ESR) received notification from the Department of Commerce’s International Trade Administration (ITA) that its annual submission for self-certification of adherence to the EU-U.S. Privacy Shield Framework is finalized and effective as of September 22, 2017. To learn more, visit www.esrcheck.com.

NOTE: Employment Screening Resources® (ESR) does not provide or offer legal services or legal advice of any kind or nature. Any information on this website is for educational purposes only.

© 2017 Employment Screening Resources® (ESR) – Making copies or using of any part of the ESR News Blog or ESR website for any purpose other than your own personal use is prohibited unless written authorization is first obtained from ESR.