EPIC Comments on FTC Safeguards Rule

August 1, 2019

EPIC provided comments to the FTC on the agency's proposed update to the Safeguards Rule on data security for financial institutions. In the proposal, the FTC highlighted that EPIC "recommended that certain practices set forth in the FTC's Safeguards Rule Guidance, such as employee background checks, authentication requirements, and encryption, should be mandatory." EPIC's comments (1) express support for the FTC's decision to mandate baseline security requirements, (2) request that the Safeguard Rules apply to all organizations and companies that collect consumer data, and (3) urge the FTC impose data minimization requirements. Recent breaches have highlighted the need for stronger data protection laws. EPIC has renewed calls for a data protection agency in the U.S.

Support Our Work

EPIC's work is funded by the support of individuals like you, who allow us to continue to protect privacy, open government, and democratic values in the information age.