Does The FTC’s Strategic Plan Give Enough Direction To Businesses On Privacy And Data Security?

Businesses turn to Sheppard to deliver sophisticated counsel to help clients move ahead. With more than 1,200 lawyers located in 16 offices worldwide, our client-centered approach is grounded in nearly a century of building enduring relationships on trust and collaboration. Our broad and diversified practices serve global clients—from startups to Fortune 500 companies—at every stage of the business cycle, including high-stakes litigation, complex transactions, sophisticated financings and regulatory issues. With leading edge technologies and innovation behind our team, we pride ourselves on being a strategic partner to our clients.

Explore Firm Details

The FTC's newly published 2026-2030 Strategic Plan reveals the agency's enforcement priorities for the coming years, with a primary focus on consumer protection through privacy and data security measures. With only two commissioners currently in place, the plan outlines key program areas including fighting deception, addressing unlawful privacy conduct, holding BigTech accountable for harm to children, protecting workers, and combating unfair ticket sales practices.

United States Privacy

Article Insights

Sheppard, Mullin, Richter & Hampton LLP are most popular:

within Cannabis & Hemp topic(s)

The FTC’s new 2026–2030 Strategic Plan is a roadmap that explains the agency’s goals over the next five years. Currently, there are only two commissioners out of the intended five. Both commissioners voted in favor of this plan. While it is thus possible that the FTC’s plans may change as the roster of commissioners increases, the plan nevertheless is a helpful document for companies to review when designing their privacy and data security programs.

The plan outlines the FTC’s three goals, the first of which relates to privacy and data security. In explaining this first goal, which is to protect consumers from unfair or deceptive acts in the marketplace, the FTC lists several key program areas. This signal for companies what the FTC may focus on in the coming months – and years. These include (1) fighting deception and “high‑dollar harm;” (2) addressing “unlawful conduct” relating to privacy and data security; (3) holding BigTech “accountable” for actions that result in harm to children or that “undermine the online marketplace;” (4) protecting workers; and (5) taking action against deceptive or unfair practices in the ticket sales industry.

One of the objectives for FTC consumer protection that the plan outlines is for the FTC to take actions to deter these practices “without unduly burdening legitimate business activity.” The mechanisms that the plan lays out are not new. They include collecting consumer reports through online portals like reportfraud.ftc.gov, and sources like law enforcement agencies and Better Business Bureaus. The FTC will continue to use its enforcement powers to bring suit against those who it believes are violating privacy laws, including COPPA or Section V of the FTC Act. The report notes that the FTC will use success measures like how much money is returned to consumers and the number of orders that enjoin unfair and deceptive practices.

Putting It Into Practice: This report signals that the FTC will continue its mission to stop unfair and deceptive trade practices. In designing privacy and data security compliance priorities, keep in mind the concerns the FTC lays out in this plan. Steps companies might take include “premortems” to identify possible failure points that could result in high dollar harm.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]

Does The FTC’s Strategic Plan Give Enough Direction To Businesses On Privacy And Data Security?

Contributor

Privacy

Contributor

United States