put out of business as part of the commission’s imperious decade-long effort to establish itself as the nation’s chief cybersecurity regulator. The judge’s opinion calls into question the FTC’s underlying legal theory and enforcement-based approach to developing data security norms – an approach under which a majority of companies in the United States could be found guilty of violating the Section 5 of the FTC Act.
Gus Hurwitz, a visiting fellow at AEI's Center for Internet, Communications, and Technology Policy, is an assistant professor at the University of Nebraska College of Law, where he teaches telecommunications law, cyber law, law and economics, and other regulation-related subjects. His research builds on his background in law, technology, and economics to consider the interface between law and technology and the role of regulation in high-tech industries. He has a particular expertise in telecommunications law and technology. He was previously the inaugural research fellow at the University of Pennsylvania Law School’s Center for Technology, Innovation and Competition, and before that was a visiting assistant professor at George Mason University Law School. He previously spent several years as a trial attorney with the US Department of Justice Antitrust Division’s Telecommunications and Media Enforcement Section. Hurwitz has a background in technology and worked at Los Alamos National Laboratory. During this time, his work was recognized with professional awards from organizations such as the Federal Laboratory Consortium, R&D Magazine, Los Alamos National Lab, the Institute of Electrical and Electronics Engineers, the Association for Computing Machinery, and the Corporation for Education Network Initiatives in California. In addition, he held an Internet2 Land Speed world record with the Guinness Book of World Records. Hurwitz is a co-blogger at Truth on the Market.
wrote about the recent OECD study showing that spending on technology to support education does not necessarily benefit, and can actually harm, education outcomes. And the next day Ari Rabkin wrote about the challenges of defining what we mean when we say “computer science” should be added to primary school curricula. Both Bronwyn’s and Ari’s discussions offer examples of policy charging ahead of evidence – with the potential consequence of both wasting money or even undermining the intended policy goals.
Verizon, where the DC Circuit rejected the FCC’s 2010 Open Internet rules but upheld the FCC’s underlying legal authority. On Monday, the Third Circuit released a similarly important opinion relating to the FTC’s authority to regulate data security practices. In this case the court has given the FTC what seems to be a win. But in doing so the court rejected the agency’s basic approach to data security regulation, ignoring the FTC’s efforts over the past 15 years to regulate data security practices. This is a major blow to the FTC, which has steadfastly argued – including in this case – that it has developed its own law of data security that should apply in cases such as this.
announced a new policy clarifying the commission’s use of its authority under Section 5 of the FTC Act to take action against “unfair methods of competition” (UMC). This policy statement represents a major win for both Commissioner Wright – who has pushed for the commission to adopt such a statement since joining the commission – and for the American consumer, who will benefit from the increased stability that this policy creates. It also represents an abrupt about-face for the chairwoman, who has steadfastly resisted providing such guidance (or otherwise accepting any limits on the commission’s authority) – an about-face almost certainly prompted by recent congressional concern.