Third Court of Appeals Ryules FTC Can Proceed with Lawsuit
A Third Circuit U.S. Court of Appeals panel of judges ruled Aug. 24 that the FTC could proceed with its lawsuit against hotel chain Wyndham Worldwide Corp. The suit claims the company violated the FTC Act's unfair business practice provisions when it took inadequate security measures to protect consumer data. As a result, the FTC claims, Wyndham had data breaches that between 2008 and 2009 exposed more than 619,000 payment cards and other consumer information.
Legal experts says the court's decision essentially affirms the FTC's right to oversee and fine U.S. companies for cybersecurity missteps that result in the compromise of personal information and payment.
Based on the court's decision, "it is even clearer that the FTC is the leading agency in the U.S. for data breach matters," says cybersecurity attorney Chris Pierson, who serves as chief security officer of payments provider Viewpost. "Challenging the FTC's authority to regulate unfair/deceptive acts and practices is unlikely to be fruitful in court. The Wyndham case is a seminal case for the FTC for the proposition that the FTC has the power and ability to oversee cybersecurity breach issues as the nation's default regulator."