The Federal Trade Commission (FTC) updated its Information Safeguards Rule to strengthen the safeguards that businesses, including auto dealers, are required to put in place to protect their customers’ private information. In recent years, widespread data breaches and cyberattacks have resulted in significant harm to consumers, resulting in monetary loss, identity theft, and other forms of financial distress. The FTC’s updated Safeguards Rule requires dealers to develop, implement, and maintain a comprehensive security system to keep their customers’ information safe.

An Official expert recently stated “ FTC Bureau of Consumer Protection requires Motor Vehicle Dealers that collect sensitive customer-consumer data information in paper document form have a responsibility to protect it. The updates adopted by the Commission to the Safeguards Rule detail common-sense steps that Motor Vehicle Dealers must implement to protect customer-consumer paper document information from cyberattacks and other threats.”

One of the changes adopted by the FTC includes limiting who can access consumer data information and mandates the use of end-to-end encryption to secure the data. Under the Rule, dealers must also explain their information-sharing practices, specifically the administrative, technical, and physical safeguards that the dealership uses to access, collect, distribute, process, protect, store, use, transmit, dispose of, or otherwise handle customers’ secure paper documents and other forms of this information. In addition, Motor Vehicle Dealers will be required to designate a single qualified individual to oversee their safeguards program including secure document scanning services, data information security program, and periodic reporting to ownership.

The FTC is scrutinizing dealership compliance with protecting customers’ non-public information. NJ CAR has partnered with AutoTrieve to offer a product that collects, scans and securely stores customer information to protect it from a potential breach or cyber theft. AutoTrieve also helps dealers comply with security rules imposed by regulators while mitigating the risk of potentially costly fine.