Sep 19-21, 2011

Orange County Convention Center, Orlando, Florida

Lessons Learned From The FTC (Federal Trade Commission)


The FTC has emerged as the leading investigator of privacy and security breaches, and has sanctioned companies and institutions across industries for breaches. This presentation reviews the FTC’s track record, examines lessons learned from each sanction, and provides guidance based on current and proposed regulations.

Abstract Text

Over the last decade, in the absence of a national Consumer Privacy Watchdog/Czar, the Federal Trade Commission (FTC) has set the standard for what it considers acceptable, and unacceptable behavior for companies and organizations conducting business within the United States.

The FTC doesn’t involve itself in the minutae of security standards ‘ala HIPAA, PCI, etc, nor does it dictate what protocols or technologies companies need to use. Rather, the FTC uses it’s Constitutional and Congressional mandate for regulating Interstate Commerce to hold companies accountable for their breaches.

This presentation will examine the FTC’s track record, put the sanctions in a larger context of privacy and security breaches, and most importantly, we will look at where the FTC is trending with the FTC Health Breach and RED FLAG regulations.

Whether you deal with physical security, digital security, Risk Management or Compliance, you WILL learn something valuable, and relevant here.