The Federal Trade Commission is releasing a series of "Stick with Security" blog posts that draw on some investigations, now closed, to help instruct businesses on protecting data—starting off, interestingly, with an explanation of why the FTC did not take action in some cases.
The FTC could be inheriting the oversight of ISP consumer data protection if the FCC votes, as expected, to reclassify ISPs as Title I services (the FTC is prevented from regulating common carriers).
In the first post Friday (July 21), acting Consumer Protection Bureau director Thomas Pahl teed up the initiative by explaining why FTC data breach investigations didn't result in enforcement actions.
Those explanations included that a breach may have occurred but a company only collected a small amount of nonsensitive info, so it would not be a good use of taxpayer money to investigate; that while the FTC is the primary cop on the beat, it might not be the only one; and that the risk to data is only theoretical.
Acting FTC chair Maureen Ohlhausen said earlier this year that she would provide businesses with insight from closed FTC data security investigations.
A new blog will post every Friday.