Sidley Updates Bloomberg Portfolio on FTC Enforcement of Privacy & Data Security

Sidley Austin has recently updated its “FTC Enforcement of Privacy & Data Security,” which has been published as part of Bloomberg Law’s Privacy & Data Security Practice Portfolio, Portfolio No. 500, available here.

This updated and enhanced portfolio explains the enforcement authorities, powers, and limitations of the Federal Trade Commission (FTC), and its ever-evolving role as the de facto United States privacy and information security regulator in many sectors. It explains how the FTC uses its general authority under Section 5 of the FTC Act to regulate the collection, use, sharing, and security of personal information of U.S. consumers.   The Portfolio also notes the agency’s efforts to expand its mandate to include employees, as well as its role in protecting Europeans whose personal information is transferred to the U.S. via the U.S.-EU Privacy Shield Framework and other cross-border responsibilities.

The FTC has brought dozens of actions against companies alleging unfair or deceptive practices concerning the privacy and/or information security of consumers’ personal information. This includes now more than 50 general privacy cases, over 60 information security cases, and over 130 spam and spyware cases. Although the FTC closes many investigations without sanction, in many cases these actions have resulted in 20-year consent orders for companies that require their regular reporting to the FTC as well as implementation of comprehensive privacy and/or information security programs.  The portfolio updates readers on the impact of recent FTC privacy and security enforcement actions and business education guidance.

We are particularly glad to note the addition of FTC-alum Dean Forbes to the revisions of the portfolio.  Dean was a key FTC staff attorney on several of its early privacy cases, and he joins former FTC Commissioner Andy Strenio in providing fresh insights into this complex topic.

Questions about the portfolio may be directed to its authors, who are listed below and may be directly contacted via email:

Edward McNicholas (

Andrew Strenio (

Clayton Northouse (

Dean Forbes (