The advocacy group Cause of Action has stepped in to help defend electronics maker D-Link in a suit brought by the Federal Trade Commission over the company’s purportedly insufficient protection of customers’ privacy.
The FTC is targeting D-Link for making representations that its products, including wireless routers and Internet protocol cameras, feature strong security, even claiming “Advanced Network Security.” In reality, the agency alleges, the company did not adequately secure these devices and did not use testing measures, confidentiality steps, and free security software. Cause of Action, which opposes government over-regulation, is getting involved because there have been no reported incidents of hackers taking advantage of any of the alleged security vulnerabilities. Cause of Action representatives have stated that allowing the FTC to target companies based on the potential for a data breach without actual or likely consumer harm would result in limitless liability for companies and would chill innovation in the Internet of Things.
Takeaway: Just because an entity has not yet experienced data compromise does not mean that it is immune from FTC actions alleging deceptive representations about privacy and data security. Companies should follow the D-Link case closely to see whether the agency is at all rebuffed for lack of any concrete harm to consumers.