In the Federal Trade Commission’s first litigated enforcement action addressing the security of internet of things devices, the district court for the Northern District of California recently dismissed the FTC’s unfairness claim and two of five deception claims under Section 5 of the FTC Act against D-Link Systems Inc., for alleged security flaws in its routers and internet-connected security cameras. Order, FTC v. D-Link Sys. Inc., No. 3:17-cv-00039 (N.D. Cal. Sept. 19, 2017).

This ruling suggests that, without evidence of misuse of data, the FTC will be hard-pressed to demonstrate that a heightened risk of exposure of personal data constitutes the requisite “substantial injury” for an unfairness claim and that the agency must point to more tangible evidence of injury to show that an unreasonable data security practice “causes” or is “likely to cause” such harm. Click here* to read the full article.

*Subscription based publication.