IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

FTC fires warning against sensitive data misuse

The agency has responded to fears around biometric data breaches, including those relating to abortion services

A point-of-view shot of a pregnant woman, holding a phone with an app that shows she is 22 weeks pregnant

In a clear message to all companies collecting individual data, the Federal Trade Commission (FTC) has reaffirmed its commitment to harshly enforce illegal breaches of sensitive information.

The FTC notes in a blog post there's a litany of information that can be collected to categorise and identify people’s medical histories, which has potential for dangerous exploitation particularly in the case of consumers seeking abortions.

Related Resource

2021 Gartner critical capabilities for data integration tools

How to identify the right tool in support of your data management solutions

Whitepaper cover with title, text, dark header banner, and logoFree Download

In light of the recent ruling by the Supreme Court to overrule Roe v Wade, the decision which had protected the right to choose to have an abortion, misuse of sensitive data is a point of fierce discussion. 

The regulator cited cases such as that of Copley Advertising LLC as early examples of what could be a growing trend. The company had been utilizing location data to identify people entering within a certain range of clinics offering abortion in several states, and then targeting them with anti-abortion advertising.

It has since reached a settlement with the Massachusetts Attorney General for misuse of geofencing for advertising purposes.

Striking a tough tone against potentially unethical firms, the FTC further outlined its powers to not only fine companies in breach of data protection legislation, but also require them to delete data they have collected as well as any models made with the data.

People’s information can be collected and misused in more ways than one, and the post is careful to focus on the potential for information that consumers willingly track — such as blood sugar level, menstrual cycle, sleep patterns and contraceptive use — in addition to less flagged data points such as location.

Unlike the EU and UK, the US has no central data protection legislation, nor is there an explicit right to privacy within the US constitution. Instead, a range of laws and constitutional rulings cover consumers’ right to privacy, making up a complex tradition of protections that vary state-by-state.

Currently, some of the widest such legislation includes rules that the FTC enforces such as the Health Breach Notifications Rule, which states that “vendors of personal health records and related entities to notify consumers following a breach involving unsecured information”. Violation of the rule can result in a fine if up to $46,517 per violation per day. 

Many rights groups argue these rules are inadequate and subject to loopholes such as legitimate sale of information to third-party brokers. The non-profit organisation Planned Parenthood has called for a federal data protection law to codify regulation of such data into law and prevent misuse by advertisers. Biometric data law is a particularly contentious issue, with similar calls within the UK right now for more transparent consumer protections around what data companies can track, and why.

In the post, the FTC specifically warns against misleading claims of ‘anonymization’ by companies, pointing out that such data can frequently be re-identified. Knowingly making such false claims to placate customer concerns around privacy will trigger FTC intervention, it asserts.

“The Commission is committed to using the full scope of its legal authorities to protect consumers’ privacy. We will vigorously enforce the law if we uncover illegal conduct that exploits Americans’ location, health, or other sensitive data,” stated the agency in the blog post.

“The FTC’s past enforcement actions provide a roadmap for firms seeking to comply with the law.”

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Home Office to collect foreign offenders' biometric data using smartwatch scheme
privacy

Home Office to collect foreign offenders' biometric data using smartwatch scheme

5 Aug 2022
UK safety tech sees another year of growth, amidst backlash
business transformation

UK safety tech sees another year of growth, amidst backlash

2 Aug 2022
Tim Hortons 'offers free coffee and donut' to app users to settle data lawsuit
privacy

Tim Hortons 'offers free coffee and donut' to app users to settle data lawsuit

1 Aug 2022
TikTok to give researchers new API for insight, greater transparency
Business operations

TikTok to give researchers new API for insight, greater transparency

28 Jul 2022

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Should you take your password manager off the internet?
Sponsored

Should you take your password manager off the internet?

28 Jul 2022