The FTC recently issued a proposed order that would settle an enforcement action against Drizly, LLC and its co-founder and CEO, James Rellas, arising from data breaches in 2018 and 2020 that affected over 2.5 million customers. The FTC’s proposed order is unusual in that applies to Rellas personally. The order requires Rellas to implement various data security practices at any company he owns or oversees in the next decade, even if Rellas moves to a company unrelated to Drizly.

Let’s take a look at the data security breaches that led to the FTC’s enforcement action and some of the key takeaways that result from the FTC’s unusual proposed order.

Read the Privacy blog post here.