n another step to enhance the FTC’s website, I’m pleased to announce that our agency has enabled encryption by default (HTTPS) for ftc.gov, our primary public domain, and home of the Tech@FTC blog.
Ironically, as I was preparing this post, the entire internet has been Freaking out about another vulnerability in SSL.
While we have long provided secure transport for FTC domains that handle sensitive consumer data, such as complaint data and email subscriptions, consumers will now browse our entire site more privately, and their browsers will automatically verify the identity of the website to which they’re connecting – an important step to mitigate attempts to impersonate the FTC.
Transit encryption is an important safeguard against eavesdroppers and has been the subject of previous investigations where we alleged companies failed to live up to their security promises when collecting personal information. It’s an important step when websites or apps collect personal information, and is a great best practice even if they don’t.
Read the Complete Blog Post