U.S. agency loses appeal over alleged LabMD data security lapses
WASHINGTON (Reuters) – The U.S. shopper safety company on Wednesday misplaced an appeals court docket struggle with now-defunct most cancers testing firm LabMD over accusations that the agency’s knowledge safety was insufficient and allowed the publicity of delicate affected person data.
The Federal Commerce Fee (FTC) sued LabMD in 2013, claiming that poor safety practices in 2008 had allowed medical and different delicate details about 9,300 customers to be uncovered on peer-to-peer community LimeWire, usually used for downloading music.
LabMD denied any wrongdoing and argued that the FTC didn’t have the authority to implement guidelines about how private data on its community was dealt with. It requested the U.S. Court docket of Appeals for the 11th Circuit to vacate the FTC order, and the court docket agreed to take action.
The court docket mentioned that the FTC’s order was unenforceable. “It doesn’t enjoin a particular act or follow. As an alternative it mandates an entire overhaul of LabMD’s data-security program and says treasured little about how that is to be completed,” the three judges wrote of their opinion.
LabMD couldn’t be reached for remark.
The FTC mentioned in a press release: “Though we’re upset by the appeals court docket’s ruling, we are going to proceed to do the whole lot we are able to to guard shopper privateness. We’re evaluating our subsequent steps in response to this choice.”
The FTC started ramping up its actions towards firms accused of slack safety practices in 2008, on the grounds that failing to guard shopper knowledge is an “unfair” or “misleading” follow.
The FTC has reached settlements with greater than 50 firms over alleged lax knowledge safety, based on the company. These settlements sometimes don’t contain fines however require the businesses to take steps to enhance knowledge safety.
Reporting by Diane Bartz, Modifying by Rosalba O’Brien