April 22, 2019
Authored by: Bryan Cave, Merrit Jones and Jena Valdetero
A number of retailers and manufacturers have recently received notices from the U.S. Consumer Product Safety Commission concerning a possible data breach. The CPSC’s letter advises recipients of an unauthorized release of confidential information that did not go through the procedures of 15 U.S.C. § 2055, also known as “Section 6(b)” of the Consumer Product Safety Act (CPSA).
Section 6(b) is intended to encourage candor between the CPSC and regulated companies, by assuring that sensitive information will be handled under procedures intended to ensure the accuracy and fairness of any disclosure. Section 6(b) restricts the CPSC’s public disclosure of manufacturer and product specific information, and applies to information from which the public can readily determine the identity of a manufacturer.
The breach appears to concern a mass inadvertent disclosure of nonpublic manufacturer and product specific information. It appears the information could have been released months ago, but the CPSC only recently