Since the Federal Trade Commission began bringing data security enforcement actions in 2002, no court had ruled on the substantive merits of the FTC’s approach. A panel of three Eleventh Circuit judges decisively rejected the FTC’s use of broad, vague consent decrees, in the LabMD v Federal Trade Commission ruling that the Commission may only bar specific practices, and cannot require a company “to overhaul and replace its data-security program to meet an indeterminable standard of reasonableness.” We are joined by TechFreedom’s President Berin Szóka and Legal Fellow Graham Owens. They explain why this case is so crucial, what’s next for the FTC and what policy changes can be on the horizon.
The FBI has been a vocal critic of the spread of encryption, often citing the nearly 8,000 devices connected to crimes that were inaccessible to law enforcement last year as evidence that increased device security represents a major threat to law enforcement. But a recent Washington Post article revealed that this number was seriously inflated due to “programming error,” with the real value estimated at around 1,200. Robyn Greene, the policy counsel and government affairs lead for the Open Technology Institute joins the show to discuss what this mistake means for the future of encryption policy. For more, see this letter led by OTI and signed by TechFreedom calling on the Inspector General to investigate the FBI and DOJ’s handling of the error, as well as Greene’s other work.