Cafe Press FTC Settlement (2022 Update): Learn More


Following the 2019 breach, the FTC ordered CafePress’s online store to strengthen safety. Read the Cafe Press FTC Settlement detail for more information.

Do you wish to know the details of the CafePress and FTC settlement? Due to breaches resulting from its data protection policies, the FTC (Federal Trade Commission) reportedly acted quickly against CafePress, an online marketplace for customizable items.

People in Canada, the United Kingdom, and the United States are interested in learning how it will be resolved. According to the Commission’s suggested decision, the corporation must improve its information security. Read on to learn more about Cafe Press FTC Settlement.

About the Settlement

Under terms of a deal over a 2019 incident involving millions of users’ personal information, the Federal Trade Commission compelled online store CafePress to enhance its safeguards and face a $500,000 fine. It implies that  the former owner of the company must pay half a million dollars to reimburse smaller companies,

An e-commerce site must implement authentication methods, limit the quantity of data it collects, and secure users’ Social Safety numbers following the final order. Additionally, the business must go through an external auditing process every year.

Cafe Press FTC Settlement

This settlement demonstrates how the organization, led by Chair Lina Khan, has worked for proactive steps to stop alleged violations of data protection. Moreover, the Biden nominee has pledged to pursue these problems more forcefully as part of a comprehensive regulatory strategy.

This CafePress agreement is related to a February 2019 occurrence in which a hacker stole information from the web company’s personal computers. Upwards of 20 million client emails and credentials with reportedly insufficient protection and 180,000 Personal Details kept in the clear text were all part of the leaked data. Cafe Press FTC Settlement began as FTC accused the site of failing to adopt sufficient security safeguards, retaining data for longer than needed, and conducting a weak investigation into the incident.

Create and put into effect a discard policy.

Businesses should only keep valuable user data for as much as is required by federal law or legislation, operational processes, or other factors. Despite considering if there was a valid business purpose for such data, the FTC claimed that CafePress retained client information on its systems permanently, posing an extreme risk to the users of the company.

Cafe Press FTC Settlement implies when there is no longer a valid business or regulatory reason for keeping the data, companies should create and uphold a discarding policy that specifies how long customer data is preserved and how it is safely removed.

Conclusion

The FTC charged Cafepress with failing to take appropriate security precautions to safeguard sensitive data on its network. As a result, CafePress corporation must improve its information security. Also then, a settlement was established of paying a $500,000 fine.  


Leave a Reply

Your email address will not be published.