The FTC in the US plans to take the rare step of bringing individual sanctions against the CEO of alcohol delivery company Drizly for data privacy abuses, following allegations that the company’s security failures under his watch exposed the personal information of about 2.5 million customers.
The proposed order will follow Drizly CEO James Cory Rellas to future businesses, requiring him to implement a security program at any companies he runs that collect information from more than 25,000 people. The order will also apply to the company itself, which is now a subsidiary of the ride-hailing service Uber. Under the terms of the FTC action, Rellas and Drizly will have to destroy unnecessary data, implement new data controls and train employees about cybersecurity.
https://www.washingtonpost.com/technology/2022/10/24/ftc-drizly-privacy-violations/