The U.S. Court of Appeals for the Eleventh Circuit has issued a ruling that may drastically change the nature of the relief that the Federal Trade Commission (“FTC”) seeks to impose on companies it alleges to have had inadequate data security measures in place. Specifically, on June 6, 2018, the Court issued a long-awaited decision in LabMD, Inc. v. Federal Trade Commission (“LabMD”), upending an FTC order requiring LabMD to overhaul its data security program. The Court held that, because the order was overbroad and lacked specifics, it was unenforceable. The decision suggests that FTC data security orders must be more limited and precise.
Read our client alert.