Attacked On All Fronts : FTC Defends Its Authority to Sue Companies That Are Victims of Hacking for “Unfair” Security Practices


Getting hacked by Russian hackers three times in two years has turned out to be only half of the problem for Wyndham Worldwide Corporation. The Federal Trade Commission, in a broad interpretation of the authority granted to it by Congress, brought suit against the hotel franchiser on August 9, 2012. The FTC alleges that Wyndham deceived consumers because its website privacy notice contained misrepresentations regarding Wyndham’s privacy practices. The FTC also alleges that Wyndham engaged in “unfair business practices” because it did not have adequate security measures in place to protect customers from unnecessary and unjustifiable risk.

The FTC’s allegation that Wyndham engaged in “unfair business practices” has sparked controversy. While most practitioners do not contest that the FTC has authority to bring an enforcement action against a company for misleading or false statements regarding its security practices, a heated debate is ongoing over whether the FTC has the authority to regulate the way companies keep and protect personal data. In its motion to dismiss, Wyndham argued, among other things, that the FTC cannot regulate corporate security practices because it has not published rules governing cybersecurity standards that would provide adequate notice to companies of the standards to which they are being held.

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Written by:

Published In:


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© King & Spalding | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.