It was nearly three years ago that I first blogged about the Federal Trade Commission’s “Wild West” data breach enforcement action brought against now-defunct medical testing company LabMD.   Back then, I was simply astounded that a federal agency (the FTC) with seemingly broad and vague standards pertaining generally to “unfair” practices of a business entity

Readers of this blog know that we have been tracking the FTC’s recent data security enforcement activities with a particular focus on the FTC v. LabMD case.  As reported by Cause of Action, a nonprofit organization involved in the defense of LabMD, the LabMD trial was put on hold on May 30, 2014 until June

As a regulatory lawyer, I frequently find myself parsing words and phrases crafted by legislators and agencies that, all too often, are frustratingly vague or contradictory when applied to a particular real-world and perhaps unanticipated (at the time of drafting) scenario.  So when an agency crafting guidance for a regulated industry has advisors on hand