Much has been written on the growing risks of data breaches and other cyberattacks, especially after the massive security breach at Equifax in September 2017. Recent cases holding franchisors liable for franchisees’ data...more
On July 29, 2016, the three Federal Trade Commission (“FTC”) commissioners vacated their chief administrative law judge’s bold decision to dismiss the agency’s action against a medical testing lab, LabMD, In the Matter of...more
According to the FBI, “there are only two types of companies: those that have been hacked and those that will be.” It does not take an actual data breach, however, for a company to be liable for its data security practices. ...more
How much does the question of harm matter in cybersecurity law? The answer is: It depends on who is bringing the claim. Businesses confronting data breaches can face litigation from private consumers as well as from...more
Last month, Wyndham Worldwide Corp. settled its lengthy civil case with the Federal Trade Commission. The suit began in 2012, when the FTC sued Wyndham and three of its subsidiaries, alleging three data breaches between 2008...more
The end of 2015 represented a mixed bag for the Federal Trade Commission on privacy enforcement. In November, the FTC’s Chief Administrative Law Judge dismissed the FTC’s complaint against LabMD for a possible data breach of...more
On the shifting sands of cyber security regulation, it is important to understand the outcome of two recent enforcement cases brought by the Federal Trade Commission (FTC) – one against clinical lab services company LabMD,...more
Senior Counsel Peter Swire to Debate European Privacy Activist Max Schrems. The debate, set to take place on January 26 in Brussels, will highlight key differences between certain European and U.S. attitudes towards U.S....more
In this edition of our Privacy & Cybersecurity Update, we provide a detailed summary of the sweeping changes to be imposed by the European Union’s new data protection regulation, which will require many companies to begin...more
The recent settlement entered into between the Federal Trade Commission (FTC) Wyndham Hotels and Resorts and related companies (Wyndham) provides an important roadmap for companies seeking to avoid running afoul of the FTC’s...more
Following the Third Circuit’s ruling upholding the FTC’s authority to regulate unfair and deceptive cybersecurity practices under Section 5 of the FTC Act, Wyndham Worldwide Corporation and the FTC have agreed to settle. ...more
On December 9, Wyndham Hotels and Resorts (“Wyndham”) agreed to a landmark settlement with the Federal Trade Commission (“FTC”) stemming from the FTC’s lawsuit against it after three data breaches that occurred between 2008...more
After four years of litigation, this past Wednesday, Wyndham Worldwide Corporation and three of its subsidiaries (collectively, “Wyndham”) settled the Federal Trade Commission’s (“FTC”) allegations that the global...more
The years-long saga of the Federal Trade Commission’s suit against Wyndham Hotels over data breaches that occurred at least as early as April 2008 is finally coming to an end with a proposed settlement filed today with the...more
On December 9, 2015, the Federal Trade Commission (FTC), with the agreement of Wyndham Hotels and Resorts (“Wyndham”), filed a stipulated order for injunction (“Consent Order”) in the U.S. District Court for the District of...more
On December 9, 2015, Wyndham and the FTC settled the enforcement action brought by the FTC that had led to a significant decision by the Third Circuit in August of this year. While the details of the settlement are...more
We have been following the hard fought case between the FTC and Wyndham over an investigation that was launched by the FTC following a series of data breaches of Wyndham’s payment card information between 2010 and 2012 (see...more
In Federal Trade Commission v. Wyndham Worldwide Corporation, the United States Court of Appeals for the Third Circuit held that the Federal Trade Commission (FTC) has authority to regulate cybersecurity under 15 U.S.C. §...more
What makes data privacy law interesting for academics, challenging for lawyers, and frustrating for businesses its shape-shifting structure in the face of rapidly changing technology. The recent change in the invalidation of...more
In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more
Join us for an in-depth webinar presented by litigation attorneys James Ward and Phil Stein on the trending topic of information security and how to protect your company from a data breach. This webinar will address what you...more
This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more
Cyberattacks are on the rise—so much that we seem to hear about a high-profile hack more often than it probably rains in most parts of California. Although reputational damage from a cyberattack can be scarring, a recent U.S....more
In 2014, the United States Court of Appeals for the Third Circuit ruling in FTC v. Wyndham Worldwide Corporation agreed to hear an immediate appeal on two issues: “whether the FTC has authority to regulate cybersecurity under...more
On August 24, in FTC v. Wyndham Worldwide Corp. et al, the Third Circuit Court of Appeals affirmed that the FTC could enforce its own reasonable interpretation of what cybersecurity standards are necessary to avoid...more