New Book by Venable Attorneys Helps Businesses Navigate Federal Trade Commission's Evolving Information Security Standard

3 min

Washington, DC, (April 19, 2017) – In the absence of a national data security law, the Federal Trade Commission (FTC) enforces its own notion of "reasonable" data security. As data security risks increase in their intensity, variety, and sophistication, attorneys in Venable's eCommerce, Privacy, and Data Security Practice Group, with help from in-house cybersecurity specialists and technologists, have published Data Security Rules of the Road: A Guidebook to FTC Cases v1.0. The book is a valuable resource for businesses seeking to protect the security of personal information in ways that are consistent with guidance offered by the FTC. The authors draw practical and detailed lessons from the FTC's "reasonable and appropriate" security standard, put forth over the course of nearly 60 enforcement actions.

"Businesses not only need to stay on top of the latest security developments, but also understand the framework on which sound corporate security is built. One such framework is the FTC's 'reasonable and appropriate' security standard," said Stu Ingis, co-head of the firm's eCommerce, Privacy, and Data Security Practice Group, and co-author of the book. "Through this book, we aim to provide businesses with a tool for understanding its elements."

"If the FTC's dozens of data security consent decrees constitute the raw material for constructing a data security program, then this book is the architectural blueprint for understanding how the pieces fit together," said Milo Cividanes, co-head of the firm's eCommerce, Privacy, and Data Security Practice Group and co-author. "Our aim is to provide a tool to help companies assess their current security posture and identify security measures that reflect the FTC's standard."

Venable's eCommerce, Privacy, and Data Security Practice Group has been involved in FTC data security enforcement from the very beginning, responding to some of the earliest data security related inquiries, securing closure of some investigations while negotiating settlement terms for others, and engaging with the Commission at every step along the way since then. The book brings the firm's knowledge and experience to its clients and the business community as technology and innovation pose both opportunity and risk to businesses and their reputations.


Venable LLP is an American Lawyer Global 100 law firm headquartered in Washington, DC that serves as primary counsel to a worldwide clientele of large and mid-sized organizations, nonprofits, and high-net-worth entrepreneurs and individuals. With over 600 attorneys across the country, including California, Delaware, Maryland, New York, Virginia, and Washington, DC, the firm strategically advances its clients' business objectives in the U.S. and around the globe. Venable advises clients on a broad range of business and regulatory law, legislative affairs, complex litigation, and the full range of intellectual property disciplines.