Breach, Data Security

Federal appellate court confirms FTC authority in Wyndham case


The Federal Trade Commission (FTC) has the right to pursue enforcement action against Wyndham Worldwide after the hotel chain experienced a trio of breaches, a federal appeals court ruled Monday.  

While the FTC's regulatory authority in cybersecurity cases has been questioned, the U.S. Court of Appeals for the Third Circuit upheld a lower court decision affirming that authority and giving the go-ahead to a lawsuit brought by the commission in 2012, which accuses Wyndham of serious security shortcomings.

The court opinion noted that Wyndham had been breached three times and was fingered by the FTC because it “did not use encryption, firewalls, and other commercially reasonable methods for protecting consumer data.”

FTC Chairwoman Edith Ramirez said in a statement that the “decision reaffirms the FTC's authority to hold companies accountable for failing to safeguard consumer data,” noting it is "critical" the commission “has the ability to take action...when companies fail to take reasonable steps to secure sensitive consumer information.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.