Technology

FTC Urges Data-Breach Penalties

Bipartisan support for the idea within the commission may mirror the same in Congress, an FTC official says.
David McCannMarch 19, 2014
FTC Urges Data-Breach Penalties

Target’s recent series of data breaches inflicted a nasty bruise on its brand reputation, but the retailer’s pain would have been even worse had it been subject to civil penalties over the fiasco.

Opinion_Bug7

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.

And that’s just what the Federal Trade Commission would have preferred. FTC deputy director Daniel Kaufman said at a conference today that the commission is hoping Congress will see fit to legislate monetary consequences for breached companies, according to a VentureBeat article.

The idea has strong bipartisan support among the FTC’s five commissioners, and the same would likely prove true in Congress, Kaufman suggested.

It’s debatable whether a such a measure would have prevented the Target breaches, or if enacted will prevent future ones at other very large companies. The non-legislated but very real reputational penalties that accompany breaches at high-profile enterprises are enough that few take data security lightly anymore. Civil penalties might, though, sway smaller, less-well-known businesses toward greater vigilance.

The specter of breaches is arguably the hottest worry-inducing potentiality across the corporate world. Security must constantly be improved as hackers eventually find a way around virtually every barrier to entry. There’s nothing to suggest a change in that reality will transpire in the foreseeable future, so companies must embrace the notion that establishing protections for sensitive data is not a project but rather a permanent journey.