Dan Solove and Woody Hartzog have 5 suggestions for how FTC could use its authority to improve data security:
Here’s how we think the FTC should use its authority to drive important change:
1. Do more proactive enforcement
2. Take on more data security cases
3. Push companies toward improved authentication – moving beyond mere passwords
4. Restrict the use of Social Security numbers for authentication purposes
5. Develop a theory of data stewardship for third parties
Read their article on FierceITSecurity for their explanation and comments.
A-men!