Research, ideas, and leadership for a more secure, peaceful world

Past Event
Special Series

Chris Hoofnagle: Cyber Security and the FTC

Open to the Public

The Cyber Security Project will host a lunch with Chris Jay Hoofnagle, UC Berkeley School of Information and School of Law, on the U.S. Federal Trade Commission's cybersecurity. 

Lunch provided on a first come, first served basis. All lunches are off the record. 

Date: Time: - Location: Suite 470
Chris Hoofnagle

About

The U.S. Federal Trade Commission (FTC) is among the most important cybersecurity regulators. This talk will explain how this century-old competition and consumer law agency came to “own” cybersecurity in the private sector. The FTC uses its power to prevent unfair and deceptive trade practices to promote “reasonable” security practices in the private sector. The FTC does so not through promulgating formal rules, but rather by selectively enforcing the ban on deceptive and unfair practices against companies with particularly bad security. The FTC’s interventions have several knock on effects, including the bolstering of the quality of consent businesses must obtain from users when monitoring them, the erosion of both intermediary and software immunity, and the promotion of citizen privacy expectations with regard to state surveillance.

The FTC approach appears beneficial, yet it also raises important questions: How can this small agency that only brings about 20 cases a year possibly promote security in a meaningful way? What “cybersecurity” is promoted by a consumer-protection-oriented agency, and is this the kind of security we most need? Should “reasonable security” be the FTC’s lodestar, or has security become as important as product safety, thus requiring a higher standard, such as strict liability? How can the FTC signal its expectations to businesses and afford them due process without developing formal rules, which can be sclerotic?

Biography

Chris Jay Hoofnagle holds dual appointments as adjunct professor in the School of Law and the School of Information (where he is resident). He is the author of Federal Trade Commission Privacy Law and Policy (Cambridge University Press) and an elected member of the American Law Institute.

At Berkeley, Hoofnagle has taught computer crime law, internet law, information privacy law, and seminars on the FTC and on education technology.

Hoofnagle co-chairs the annual Privacy Law Scholars Conference. He has served on the AAUP’s Committee A on Academic Freedom and Tenure. He is also a member of the San Francisco Electronic Crimes Task Force, Palantir Technology’s Council on Privacy and Civil Liberties, and InfraGard.

Licensed to practice in California and Washington, D.C., Hoofnagle is of counsel to Gunderson Dettmer Stough Villeneuve Franklin & Hachigian, LLP.