To protect consumer’s information from businesses that do not obey their own privacy policies, the Federal Trade Commission or FTC will enforce Section 5 of the Federal Trade Commission Act, which prohibits unfair or deceptive trade practices.
Here, ConnectEDU was attempting to sell its assets to a third party without properly notifying the consumer and therefore, give the customer an opportunity to delete their information. The FTC offered some guidance from its heavy hand and suggested that ConnectEDU provide users with a notice of the sale of their personal information and opportunity to remove their data should a consumer feel uneasy about the final destination of their personal information.
The FTC also suggested destroying the personal information, but that seems counterintuitive since that is what a third party is buying – the information of the students has value, and destroying it would reduce the value of the sale. The FTC isn’t concerned with how much money is lost, so long as the laws are being enforced. In the alternative, the FTC suggested the Court could appoint a privacy ombudsman to ensure the privacy interests of ConnectEDU’s customers are protected.
Heeding the Warning