Website Privacy a Fresh Concern for Plans
ERISA does not preempt the application of all federal laws and regulations to retirement plans — and that includes website privacy standards set by the Federal Trade Commission.
In a recent post on his Business of Benefits blog
, Robert Toth, Principal at Toth Law, discusses a recent court ruling on website privacy policies and cyber security that serves as a reminder of the importance of addressing these matters and being in compliance with applicable rules.
Toth writes that it now appears that the federal courts will recognize the FTC’s authority to regulate website privacy and cybersecurity. He points out that the Federal Trade Commission Act forbids “unfair or deceptive acts or practices in or affecting commerce,” such as a practice that causes or is likely to cause substantial injury to consumers and that they cannot avoid, regardless of any beneficial effects that practice may have for consumers or competition.
Toth notes that in Federal Trade Commission v. Wyndham Worldwide Corporation