The Dangers of Failing to Use Reasonable Security Measures

• Posted by Geoffrey G. Gussis on July 14th, 2005


• Filed in IT/Software/Internet, Risk Management & Compliance

Eric Goldman at the Technology & Marketing Law Blog has provided information on a recent FTC settlement with BJ’s Wholesale Club over allegedly deficient security practices. InhouseBlog has posted in the past on the FTC’s increasing scrutiny of security issues - and it looks like our predictions are coming true.  Eric sums up his view on these developments:

"As I’ve said before, I have historically dismissed the lawyers hyping
security concerns as hucksters trying to drum up some low-utility
business. If that view was once correct, it certainly is no longer, and
I recant any such views. Enforcement actions like this one (and the
prior Nationwide Mortgage action) send a clear message: the FTC does
believe there is a baseline level of security that companies must
undertake, and failing to do so has legal ramifications. While security
measures must still be evaluated on a cost/benefit basis, the costs of
non-compliance must now include legal risks that previously might have
been de minimis but are now tangible and non-trivial."

Learn more by reading the full post: Technology & Marketing Law Blog: FTC Settles Another Case for Failure to Use Reasonable Security.