FTC’s Info Security Action Against GoDaddy Sends ‘Clear Signal’ to Web Hosting Industry

Last week, the Federal Trade Commission ordered web hosting company GoDaddy to establish a “comprehensive information security program” to settle charges that it has failed to protect its platform from security threats since 2018, a decision a cybersecurity law expert says will likely reverberate throughout the web hosting industry.

The FTC’s proposed settlement, which the commissioners approved in a 5-0 vote, gives GoDaddy 90 days to implement the program. It also prohibits the company from misrepresenting the extent and effectiveness of its cybersecurity protocols to customers; mandates third-party information security assessments; and requires GoDaddy to report security incidents to the commission within 10 days of alerting other government entities.