Much has been written on the growing risks of data breaches and other cyberattacks, especially after the massive security breach at Equifax in September 2017. Recent cases holding franchisors liable for franchisees’ data...more
Editor’s note: This is the sixth and last in our end-of-year series. See our previous posts on trade secrets, state regulation and law enforcement, HIPAA compliance, emerging threats, and energy. See you in 2017! ...more
Businesses today have their work cut out for them. Small or large, no organization is immune from cybersecurity threats. Added pressures arise from stepped up government regulatory oversight and enforcement that targets an...more
On July 29, 2016, the three Federal Trade Commission (“FTC”) commissioners vacated their chief administrative law judge’s bold decision to dismiss the agency’s action against a medical testing lab, LabMD, In the Matter of...more
According to the FBI, “there are only two types of companies: those that have been hacked and those that will be.” It does not take an actual data breach, however, for a company to be liable for its data security practices. ...more
How much does the question of harm matter in cybersecurity law? The answer is: It depends on who is bringing the claim. Businesses confronting data breaches can face litigation from private consumers as well as from...more
Last month, Wyndham Worldwide Corp. settled its lengthy civil case with the Federal Trade Commission. The suit began in 2012, when the FTC sued Wyndham and three of its subsidiaries, alleging three data breaches between 2008...more
The end of 2015 represented a mixed bag for the Federal Trade Commission on privacy enforcement. In November, the FTC’s Chief Administrative Law Judge dismissed the FTC’s complaint against LabMD for a possible data breach of...more
On the shifting sands of cyber security regulation, it is important to understand the outcome of two recent enforcement cases brought by the Federal Trade Commission (FTC) – one against clinical lab services company LabMD,...more
Senior Counsel Peter Swire to Debate European Privacy Activist Max Schrems. The debate, set to take place on January 26 in Brussels, will highlight key differences between certain European and U.S. attitudes towards U.S....more
Both the administrative law judge’s decision in LabMD and the Third Circuit’s recent decision in Wyndham, which we previously blogged about, put the FTC on notice that it cannot assume that in the wake of a security breach,...more
In this edition of our Privacy & Cybersecurity Update, we provide a detailed summary of the sweeping changes to be imposed by the European Union’s new data protection regulation, which will require many companies to begin...more
Companies are threatened daily by attacks that expose customer credit card and other information stored on company servers, personal computers and other devices. It is, therefore, critical that companies do these three...more
The recent settlement entered into between the Federal Trade Commission (FTC) Wyndham Hotels and Resorts and related companies (Wyndham) provides an important roadmap for companies seeking to avoid running afoul of the FTC’s...more
Following the Third Circuit’s ruling upholding the FTC’s authority to regulate unfair and deceptive cybersecurity practices under Section 5 of the FTC Act, Wyndham Worldwide Corporation and the FTC have agreed to settle. ...more
On December 9, Wyndham Hotels and Resorts (“Wyndham”) agreed to a landmark settlement with the Federal Trade Commission (“FTC”) stemming from the FTC’s lawsuit against it after three data breaches that occurred between 2008...more
After four years of litigation, this past Wednesday, Wyndham Worldwide Corporation and three of its subsidiaries (collectively, “Wyndham”) settled the Federal Trade Commission’s (“FTC”) allegations that the global...more
In a surprising development, Wyndham Worldwide Corporation settled a long running dispute last week with the Federal Trade Commission that arose from three data breaches Wyndham suffered between 2008-2010. After an...more
The years-long saga of the Federal Trade Commission’s suit against Wyndham Hotels over data breaches that occurred at least as early as April 2008 is finally coming to an end with a proposed settlement filed today with the...more
On December 9, 2015, the Federal Trade Commission announced that Wyndham Worldwide Corp., Wyndham Hotel Group LLC, Wyndham Hotels and Resorts, LLC, and Wyndham Hotel Management, Inc. (“Wyndham”) had agreed to settle FTC...more
On December 9, 2015, the Federal Trade Commission (FTC), with the agreement of Wyndham Hotels and Resorts (“Wyndham”), filed a stipulated order for injunction (“Consent Order”) in the U.S. District Court for the District of...more
On December 9, 2015, Wyndham and the FTC settled the enforcement action brought by the FTC that had led to a significant decision by the Third Circuit in August of this year. While the details of the settlement are...more
We have been following the hard fought case between the FTC and Wyndham over an investigation that was launched by the FTC following a series of data breaches of Wyndham’s payment card information between 2010 and 2012 (see...more
A new study released by NYSE Governance Services and security firm Veracode, “Cybersecurity and Corporate Liability: The Board’s View,” is a must read for directors and officers. Veracode was quite accommodating when I asked...more
In Federal Trade Commission v. Wyndham Worldwide Corporation, the United States Court of Appeals for the Third Circuit held that the Federal Trade Commission (FTC) has authority to regulate cybersecurity under 15 U.S.C. §...more