Certain types of data—health, financial, personal...
Certain types of data -- health, financial, personal communications -- deserve better protections under the law, said FTC Commissioner Maureen Ohlhausen during a Georgetown University event Tuesday on privacy and big data. “There’s a reason that health data and financial…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
data … have traditionally had greater protection than general data,” Ohlhausen said during a Q&A after her speech. “It reflects a societal consensus … that these data are a little bit different,” she said. Which is, in part, why data security standards should vary based on industry expectations, she said in response to a question. The FTC should not be saying, “Set your security settings to this level or have this kind of elaborate protection,” she said. “It’s more to have a process-based approach.” If the FTC had rulemaking authority in this area, Ohlhausen would instead want “to require companies to have a process in place to assess what information they have,” figure out “who has access to it” and if they have antivirus software and breach protocol commensurate with industry standards. Ohlhausen’s speech Tuesday hit on many of her favorite themes: regulatory humility, ensuring the commission identifies substantial consumer harm before taking action, and developing a more explicit data security enforcement framework. “The FTC’s data security enforcement framework is not perfect,” she said. “I would like to develop more concrete guidance to industry, for example. But I haven’t seen anything that suggests big data technology raises fundamentally new data security issues.”