Law360 interviewed Shook Privacy and Data Security Chair Al Saikali for the article, “11th Circ. Frees LabMD From FTC Data Security Order.” The article reviews the 11th Circuit’s decision to throw out a Federal Trade Commission (FTC) order directing LabMD to overhaul its data security program. The court found that a lack of specifics about how the changes should be implemented doomed the directive, although it deferred to the agency on the broader question about the scope of its data security authority.
Saikali told Law360 that the ruling, if it stands, will have “wide implications” both for how the FTC enforces the unfairness prong in the data security context as well as for similar orders the commission has obtained in other cases, “which have the same flaw—lack of specificity.”
“Those orders all say the same thing—you must adopt reasonable data security—which the Eleventh Circuit is telling them now isn’t specific enough,” Saikali said.