Credit Cards Federal Trade Commission

News & Analysis as of

Home Depot Challenges Banks’ Standing to Recover Losses Related to Data Breaches

In the aftermath of major data breaches at deep-pocketed retailers and other businesses, there is typically no shortage of litigants who move quickly to seek compensation from the business at which the breach occurred. But...more

A Storm Brews: Retailers Push Back Against Payment Card Industry Data Security Standards

As businesses and financial institutions grapple with data security in the wake of high profile breaches, tensions between retailers and the credit card industry over the creation and implementation of security standards...more

FTC Launches Study of Assessment Process for Payment Card Industry Data Security Standards

On March 7, the FTC announced a study of Payment Card Industry Data Security Standard (“PCI DSS”) assessments – the audits required of certain merchants pursuant to rules imposed by payment card brands such as Visa and...more

How to Select a Qualified Security Assessor (“QSA”)

Retailers that accept credit cards are typically required by the payment card brands to show that they are in compliance with the Payment Card Industry Data Security Standards or “PCI DSS” at least once a year. How a retailer...more

Following its Settlement with Wyndham, the FTC Launches Wide Scale Inquiry Into PCI Compliance Audits

In December 2015, the Federal Trade Commission (FTC) settled a drawn-out civil action it brought against Wyndham Worldwide Corporation (Wyndham) for multiple data breaches involving cardholder data (i.e., information on...more

FTC Announces Study of PCI-DSS Assessment Companies

On Monday, March 7 the Federal Trade Commission (FTC) issued a press release announcing that it had issued Orders to nine Qualified Security Assessor (QSA) companies, which are certified to assess whether or not entities...more

FTC issues 9 orders for PCI DSS compliance assessment information

The Federal Trade Commission (FTC) issued orders to 9 companies at the beginning of this week, seeking information on how each company conducts Payment Card Industry Data Security Standards (PCI DSS) compliance assessments....more

FTC Requests Auditors’ Data on PCI Data Security Assessments

Earlier this week, the FTC issued orders to nine credit card and payment security auditors in an effort to gain insight into data security compliance auditing and its role in protecting consumers’ information and privacy....more

FTC Examines Process by which Companies Assess Compliance with PCI DSS

The Federal Trade Commission (FTC) has issued orders to obtain information about the process by which businesses audit their compliance with the Payment Card Industry Data Security Standards (PCI DSS) and the role of such...more

Financial Services Report, Spring 2016

Why another law firm newsletter? Over ten years ago, Will Stern answered that question in the first Editor’s Note of the first Financial Services Report. Some things have changed since then—we no longer print and mail paper...more

There’s a New (Cybersecurity) Sheriff in Town: FTC vs. Wyndham

On August 24, 2015, the Third Circuit United States Court of Appeals issued its ruling in Federal Trade Commission v. Wyndham Worldwide Corporation. The case was highly anticipated by the data security community generally for...more

FTC v. Wyndham: The Third Circuit Recognizes FTC Authority to Regulate Commercial Cyber Security Practices

In 2014, the United States Court of Appeals for the Third Circuit ruling in FTC v. Wyndham Worldwide Corporation agreed to hear an immediate appeal on two issues: “whether the FTC has authority to regulate cybersecurity under...more

2Q 2015 Sees Increase in Enforcement Litigation

For the second quarter of 2015, Consumer Finance Enforcement Watch tracked 56 enforcement actions taken against consumer finance providers, a slight uptick in enforcement activity from the previous quarter’s 46 actions. ...more

Federal Appeals Court Recognizes for the First Time the FTC’s Authority to Enforce Cybersecurity Practices

On August 24, 2015, the Third Circuit Court of Appeals issued a much-awaited decision in FTC v. Wyndham Worldwide Corporation, holding that the Federal Trade Commission (FTC) has authority to regulate “unfair” or “deceptive”...more

3rd Circuit Says: FTC Can Take Action Against Companies That Suffer Data Security Breaches

Companies can be fined by the federal government for failing to properly safeguard consumer data, according to a decision this week by Pennsylvania's federal appellate court....more

Third Circuit Affirms FTC Authority to Police Whether Companies Have Reasonable Data Security

Since at least 2005, the Federal Trade Commission has asserted that it may regulate lax data security practices as an “unfair” business practice under Section 5 of the FTC Act. The Wyndham hotel chain was the first to...more

Third Circuit to Wyndham (Part I): It's "Fair" that FTC Did Not Articulate Specific Cybersecurity Standards in Enforcement Action...

On Monday, the Third Circuit issued a highly anticipated opinion affirming the Federal Trade Commission's authority to regulate "unfair" cybersecurity practices under Section 5 of the FTC Act. In allowing the data breach...more

UPDATE: Third Circuit Affirms FTC’s Data Security Authority in Wyndham

The U.S. Court of Appeals for the Third Circuit released its much-anticipated ruling in Federal Trade Commission v. Wyndham Worldwide Corp. on August 24, 2015, unanimously upholding the FTC’s authority to regulate companies’...more

New Potential Liability for Data Security: U.S. Court of Appeals for the Third Circuit Announces FTC has Authority to Scrutinize a...

The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more

Privacy Tuesday – August 24, 2015 – FTC vs. Wyndham Update

Rather than our usual Privacy Monday “bits and bytes,” we have a breaking story relating to the ongoing Wyndham/FTC saga. Today, Wyndham Worldwide Corp. lost a critical round in the Third Circuit. Anticipated since...more

DoD Releases Final Military Lending Act Regulations

The Department of Defense (DoD) released its final rule amending the implementing regulations of the Military Lending Act (MLA), incorporating a broader range of credit products under its coverage and potentially implicating...more

FTC refunds consumers for telemarketing scam

The FTC recently announced that it is sending more than $969,000 to 10,387 customers who were bilked out of their funds through a telemarketing scam operated by Innovative Wealth Builders (IWB)....more

FTC May Have Authority to Regulate Companies’ Data Security Practices

Between 2008 and 2010, hackers stole credit card information from the computer network of Wyndham Hotels & Resorts LLC (“Wyndham”), which affected hundreds of thousands of Wyndham’s customers in the process. The Federal Trade...more

FTC Publishes revised COPPA FAQs, clarifies parental consent methods

The FTC has issued three new FAQs clarifying the “verifiable parental consent” requirements under the COPPA Rule. In one of the revised FAQs, the FTC reiterates that the COPPA Rule’s list of parental consent methods is...more

COPPA Update: FTC Provides More Flexibility on Obtaining Verifiable Parental Consent

Some clarification and a bit more flexibility was forthcoming late last week from the Federal Trade Commission to help ease compliance with the “new” COPPA. In its recent update to three FAQs in Section H (Verifiable...more

33 Results
|
View per page
Page: of 2
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×