Federal Trade Commission (FTC)
Definition
The U.S. federal agency responsible for consumer protection and competition law enforcement, with significant authority over privacy and data security practices. The FTC enforces Section 5 of the FTC Act, which prohibits unfair or deceptive practices. In privacy contexts, this includes misrepresenting data practices, failing to implement promised security measures, and unfair data handling that causes substantial consumer injury. The FTC also enforces specific privacy laws like COPPA and the CAN-SPAM Act. FTC enforcement has produced major privacy settlements establishing best practices, consent decrees requiring ongoing compliance programs, and substantial financial penalties. The FTC issues guidance on privacy topics, investigates data breaches, promotes privacy education, and advocates for consumer privacy protection. While the FTC lacks comprehensive data protection authority like GDPR supervisors, it's the primary federal privacy enforcer in the U.S. Organizations should monitor FTC guidance, enforcement actions, and regulatory positions.
Applicable Laws & Regulations
- 1FTC Act Section 5, 15 U.S.C. §45 - Unfair or deceptive acts or practices
- 2COPPA 15 U.S.C. §6501 - FTC enforcement authority
- 3CAN-SPAM Act 15 U.S.C. §7701 - FTC enforcement