Alden Abbott writes:
Over the past decade, the Federal Trade Commission, the federal government’s primary consumer protection agency, has pursued over 50 enforcement actions against companies that it deemed had “inadequate” data security practices. However, data security costs due to FTC actions will be passed on at least in part to consumers and should be weighed against the benefits in reduced data breaches. The FTC should carefully consider whether its current policies in this area are cost-beneficial and whether specific reforms would advance the public interest in enhancing data protection in a less burdensome, more welfare-enhancing fashion. The focus should be on punishing data thieves, not on imposing excessive regulatory burdens on legitimate businesses—burdens that could weaken the private sector and impose unwarranted costs on consumers.
Read more on Heritage Foundation.