FTC enforcement actions for unfair practices cannot be based just on consumer injury, even “substantial” injury.
This is going to get wonky, but, trust me, it’s what cybersecurity defense lawyers are already buzzing about.
24 Section 5(n) now states, with regard to public policy, “In determining whether an act or practice is unfair, the Commission may consider established public policies as evidence to be considered with all other evidence. Such public policy considerations may not serve as a primary basis for such determination.” We do not take this ambiguous statement to mean that the Commission may bring suit purely on the basis of substantial consumer injury. The act or practice alleged to have caused the injury must still be unfair under a well-established legal standard, whether grounded in statute, the common law, or the Constitution.