Federal appeals court confirms FTC authority to regulate cybersecurity policies and procedures

Barbara Mishkin
Ballard Spahr LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Banks and other companies subject to the CFPB’s jurisdiction face the possibility that the CFPB could begin using its authority under Sections 1031 and 1036 of the Dodd-Frank Act (which proscribe unfair, deceptive or abusive acts or practices) to regulate cybersecurity policies and procedures. For companies also subject to the FTC’s jurisdiction, however, the threat of FTC regulation of their cybersecurity policies and procedures is significantly more imminent in view of a recent decision of the U.S. Court of Appeals for the Third Circuit.

In FTC v. Wyndham Worldwide Corporation, a case of first impression, the Third Circuit ruled that the FTC can regulate cybersecurity policies and procedures as “unfair” acts or practices under Section 5 of the FTC Act. For a discussion of the decision, see our legal alert.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Ballard Spahr LLP | Attorney Advertising

Written by:

Ballard Spahr LLP
Ballard Spahr LLP
Contact
more
less

Ballard Spahr LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide