FTC Completes Settlement with GoDaddy Over Improper Security Measures
The FTC finalized a settlement with GoDaddy over allegations that the domain registry failed to implement proper security measures, which prompted data breaches, the commission said Wednesday. Under the order, GoDaddy cannot make misrepresentations about its security or compliance with privacy or security programs. In addition, it must establish an information-security program and hire a third-party assessor to review it.
Sign up for a free preview to unlock the rest of this article
The FTC in January announced the settlement requiring GoDaddy to implement a robust information security program (see 2501150086). The commission filed a complaint that alleged the domain registry misled customers about the scope of data security protections, despite failing to implement measures that were appropriate and reasonable. Several data breaches occurred because of the poor security systems, the FTC said.
The FTC said it received three comments on the proposed settlement by the March 17 deadline (see 2502120006).