On January 18, the Federal Trade Commission (“FTC”) released its Privacy & Data Security Update: 2017, describing its activities in the areas of consumer privacy and data security during the past year.

The report highlights the breadth of the FTC’s enforcement actions, both under Section 5 of the FTC Act, which prohibits unfair or deceptive practices in the marketplace and is the FTC’s primary tool with respect to consumer privacy and data security, and under various sector specific laws, such as the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act (the Safeguards Rule, Privacy Rule and Regulation P), the Children’s Online Privacy Protection Act and the Telemarketing Sales Rule (Do Not Call provisions).  The report also describes the FTC’s efforts to enforce international privacy frameworks, including the FTC’s first three enforcement actions under the EU-U.S. Privacy Shield framework.  Finally, the report highlights the FTC’s efforts in other areas, such as advocacy, consumer education, business guidance and policy development.

The full report can be found here.