The FTC ordered CafePress’ online store to improve safety following the breach in 2019. For more information, please refer to the Cafe Press FTC Settlement.
Want to learn more about the CafePress settlement and the FTC settlement? The FTC (Federal Trade Commission), reportedly took swift action against CafePress, an online marketplace that offers customizable products, due to data protection violations.
It is possible to find out how the problem will be solved for people in Canada, United Kingdom and United States. The Commission suggested that the corporation improve its information security. Cafe Press FTC Settlement – Continue reading
Information about the Settlement
The Federal Trade Commission ordered CafePress, an online store that sells food and drinks to improve its security measures. It also imposed a $500,000 penalty as part of a settlement over a 2019 incident that involved millions of users’ personal data. The agreement requires that the former owner must pay half a billion dollars to compensate smaller businesses.
E-commerce sites must use authentication methods and limit the amount of data they collect. Users’ Social Safety numbers should be secured after placing an order. Every year, the company must undergo an external audit.
Cafe Press FTC Settlement
This settlement shows how Chair Lina Khan and the organization have taken proactive steps to prevent alleged data protection violations. The Biden nominee also pledged to take these issues more seriously as part of a comprehensive regulation strategy.
CafePress’ agreement is in response to a February 2019 incident in which a hacker stole data from the personal computers of web company employees. The leaked data included more than 20 million client credentials and emails with insufficient security and 180,000 personal details. Cafe Press FTC settlement was initiated when FTC accused the site, Cafe Press, of not adopting sufficient security safeguards, retaining information for longer than necessary, and conducting weak investigations into the incident.
Establish and enforce a discard policy.
Only keep user data that is required by law, legislation, operations, or any other factor should be kept by businesses. The FTC stated that CafePress had retained client information permanently, even though it was possible to establish a business use for the data. This poses a serious risk to users.
Cafe Press FTC settlementimplies that data should be destroyed if there is no business or regulatory reason to keep it. Companies must create and maintain a policy detailing how customer data will be safely deleted and how long they are kept.
Conclusion
CafePress was charged by the FTC with failing to implement security measures to protect sensitive data on its network. CafePress must now improve its information security. A settlement was reached, which included a payment of $500,000 in fines.
Did you find this post useful? Share your thoughts and experiences with the online store by commenting below on the post Cafe Press FTC settlement.