United States of America: Issued ruling on claims process for consumers affected by CafePress's data security failures
Description
Issued ruling on claims process for consumers affected by CafePress's data security failures
On 18 September 2024, the Federal Trade Commission (FTC) announced that it was distributing over USD 370'000 in payments to consumers affected by data security lapses at the online merchandise platform CafePress. This follows a March 2022 settlement where the FTC alleged that CafePress failed to implement adequate security measures, resulting in multiple data breaches that exposed sensitive user information, including Social Security numbers. The FTC is sending payments to 20'044 consumers who filed valid claims.
Original sourceScope
Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
platform intermediary: e-commerce
Implementation Level
national
Government Branch
executive
Government Body
consumer protection authority
Complete timeline of this policy change
Hide details
2022-03-15
under deliberation
2024-01-10
under investigation