On July 24, 2014, the House Committee on Oversight and Government Reform held a hearing entitled, "The Federal Trade Commission and Its Section 5 Authority: Prosecutor, Judge and Jury." The purpose of the hearing was to review the Federal Trade Commission's (FTC) recent enforcement actions on data security under section five of the Federal Trade Commission Act.
In recent years, there has been a substantial increase in cases of data breach, compromising the sensitive financial, medical and consumer information of millions of Americans. In response, federal agencies like the FTC have stepped up enforcement to hold parties responsible for the unlawful release or failure to protect sensitive information. This hearing examined recent FTC cases in which the agency has been accused of exceeding its statutory authorities by targeting companies for enforcement. Chairman Darrell Issa (R–CA) accused the FTC of using its broad enforcement powers to unfairly punish small businesses that cannot afford lengthy litigation and penalties.
Companies should know that federal regulators have widespread interest in data security because of rapidly evolving technology and the uses of data itself. Laws and regulations are struggling to keep pace, which is why Congress is considering data security and cybersecurity legislation. Stakeholders from a variety of industries, including telecommunications, financial services, health care, retail, utilities and information technology, should want a seat at the table as new laws and regulations are considered and crafted to protect their consumers, employees and/or shareholders/investors.