FTC Tests Limits of Data Security Power in D-Link Action

Fenwick litigator Hanley Chew was quoted in a Law360 article about the Federal Trade Commission’s (FTC’s) increasingly aggressive policing of corporate data security.

The FTC recently filed a complaint in California federal court charging Taiwan-based computer networking equipment manufacturer D-Link Corp. of violating the unfairness and deception prongs of Section 5 of the FTC Act by leaving consumers’ information vulnerable to hackers by allegedly failing to properly secure its wireless routers and internet protocol cameras and misleadingly touting its products as “easy to secure” or containing “advanced network security.”

In a departure from similar prior cases, D-link refused to quickly settle the FTC’s claims and instead denied the allegations, saying in a statement Thursday that it was taking steps to defend itself in the action.

Chew, who focuses on privacy and data security litigation, counseling and investigations, told Law360 that it’s significant that D-Link is pushing back, “especially in light of the aggressive and preemptive approach that the commission is taking by bringing a case when there hasn't been a breach or an obvious injury that the FTC can hang its hat on.”

“It’s definitely a possibility that the FTC might have some issues with the harm prong of the FTC Act, especially given the cases that commission typically brings and are successful in are instances where there has been a breach or some actual concrete harm or injury,” Chew added.

The full article is available on the Law360 website​ (subscription required).