FTC Takes Action Against Chegg For ‘Careless’ Security Practices Resulting in Four Breaches

A legal update on privacy, data security, and all things cyber by the attorneys of Alston & Bird.

Our Privacy & Data Security Group reviews the Eleventh Circuit’s decision narrowing the FTC’s authority to impose broad cybersecurity measures on defendants, but cautions it would be a mistake to interpret the ruling as preventing the FTC from regulating cybersecurity and data privacy.

On January 15, 2025, the Federal Trade Commission (FTC) announced a proposed settlement with GoDaddy Inc. (GoDaddy) for making false or misleading representations about their security practices in violation of Section 5 of the FTC Act. GoDaddy, a website hosting company, serves approximately 5 million customers. In the complaint, the FTC indicated that although GoDaddy […]

The post FTC Announces Proposed Settlement with GoDaddy Incorporating Prescriptive Cybersecurity Requirements appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.

The Biden Administration’s Office for Civil Rights delivered on its promise to propose an update to the HIPAA Security Rule. Our Health Care and Privacy, Cyber & Data Strategy groups summarize key points from the new rule and consider the rule’s future in the incoming Trump Administration.

An unprecedented cyber qui tam action involving Georgia Tech’s alleged failure to comply with certain cybersecurity controls underscores the importance of having advanced cyber requirements for federal contractors. Our Education, False Claims Act, and Privacy teams flesh out what businesses need to know.