Section 5 of the Federal Trade Commission Act provides a powerful tool for the federal government to regulate companies’ data-security practices. Rather than adopt specific data-security standards, the FTC often uses Section 5’s flexible and open-ended concepts of unfairness and deception to bring enforcement actions against companies for data-security failures. […]
The reach of N.C. Gen. Stat § 75-1.1 extends to conduct “in or affecting commerce.” Although this phrasing seems broad, courts interpreted it to exempt several types of conduct from the statute’s purview. One recognized exemption is for internal business disputes: that is, conduct among members of the same business. A recent decision by the […]
Courts have long recognized limitations on claims brought under N.C. Gen. Stat. § 75-1.1 in conjunction with alleged breaches of contract. Although the North Carolina Supreme Court has never formally recognized a restriction, state and federal courts alike have determined that a breach of contract does not give rise to […]
Consumers and businesses aren’t the only sources of potential privacy and data-security litigation. Today’s post looks at another important source: the Federal Trade Commission and state consumer-protection regulators. In many cases, government enforcers don’t have express authority to sue for “privacy” or “data security” violations. Instead, the FTC often sues based […]