On July 2, 2019, the Federal Trade Commission (FTC) announced a settlement with smart home products manufacturer, D-Link, regarding allegations that D-Link misrepresented the security of its wireless routers, modems, and...more
A number of claims have been made against companies’ directors and officers alleging a breach of fiduciary duty for failing to adequately oversee data security programs. To date, the defendants’ oversight of the programs and...more
The news regularly reports on data breaches and cybersecurity. While we read about the biggest breaches – Home Depot, Target, Anthem, JP Morgan, Wyndham – probably every business has been hacked and will be hacked again. ...more
How much does the question of harm matter in cybersecurity law? The answer is: It depends on who is bringing the claim. Businesses confronting data breaches can face litigation from private consumers as well as from...more
Last month, Wyndham Worldwide Corp. settled its lengthy civil case with the Federal Trade Commission. The suit began in 2012, when the FTC sued Wyndham and three of its subsidiaries, alleging three data breaches between 2008...more
After four years of litigation, this past Wednesday, Wyndham Worldwide Corporation and three of its subsidiaries (collectively, “Wyndham”) settled the Federal Trade Commission’s (“FTC”) allegations that the global...more
The years-long saga of the Federal Trade Commission’s suit against Wyndham Hotels over data breaches that occurred at least as early as April 2008 is finally coming to an end with a proposed settlement filed today with the...more
On December 9, 2015, the Federal Trade Commission (FTC), with the agreement of Wyndham Hotels and Resorts (“Wyndham”), filed a stipulated order for injunction (“Consent Order”) in the U.S. District Court for the District of...more
On December 9, 2015, Wyndham and the FTC settled the enforcement action brought by the FTC that had led to a significant decision by the Third Circuit in August of this year. While the details of the settlement are...more
What makes data privacy law interesting for academics, challenging for lawyers, and frustrating for businesses its shape-shifting structure in the face of rapidly changing technology. The recent change in the invalidation of...more
In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more
Cyberattacks are on the rise—so much that we seem to hear about a high-profile hack more often than it probably rains in most parts of California. Although reputational damage from a cyberattack can be scarring, a recent U.S....more
In 2014, the United States Court of Appeals for the Third Circuit ruling in FTC v. Wyndham Worldwide Corporation agreed to hear an immediate appeal on two issues: “whether the FTC has authority to regulate cybersecurity under...more
On August 24, in FTC v. Wyndham Worldwide Corp. et al, the Third Circuit Court of Appeals affirmed that the FTC could enforce its own reasonable interpretation of what cybersecurity standards are necessary to avoid...more
As a privacy litigator, I could not help but observe an apparent contradiction in the way the Third Circuit allowed the FTC to pursue Wyndham Hotels for cybersecurity breaches under the FTC Act, but Judge Berman (SDNY)...more
In a resounding win for the Federal Trade Commission (“FTC”), the Third Circuit unanimously affirmed the FTC’s power to regulate cybersecurity under the unfairness prong of the FTC Act (15 U.S.C. §45). FTC v. Wyndham, Case,...more
Using the Maryland Consumer Protection Act, Maryland Attorney General Brian Frosh has announced that eye care retailer Visionworks, Inc. has agreed to pay the state of Maryland $100,000 and enhance its security measures...more
Third Circuit Affirms FTC’s Authority Over Cybersecurity: In the Wyndham case, the Third Circuit affirmed that the FTC has the authority to regulate cybersecurity under Section 5 of the FTC Act, and that the language of...more
In a closely-watched cybersecurity case, a three-judge panel of the U.S. Court of Appeals for the Third Circuit held in Federal Trade Commission v. Wyndham Worldwide Corporation (No. 14-3514) that the Federal Trade Commission...more
In a highly anticipated, precedential opinion released on August 24, 2015, the Third Circuit held that the FTC had authority to regulate cybersecurity under the unfairness prong of § 45(a) of the FTC Act and that Wyndham had...more
If you read one thing: - The Federal Trade Commission (FTC) secured a major appellate victory in its quest to challenge lax corporate cybersecurity practices - In light of the 3rd Circuit’s decision,...more
In a much anticipated decision, the Third Circuit Court of Appeals affirmed the authority of the Federal Trade Commission (FTC) to enforce actions against companies who have been subject to a data breach. The FTC sued...more
On August 24, 2015, the Third Circuit Court of Appeals issued a much-awaited decision in FTC v. Wyndham Worldwide Corporation, holding that the Federal Trade Commission (FTC) has authority to regulate “unfair” or “deceptive”...more
On August 24, 2015, the Third Circuit affirmed U.S. District Court Judge Esther Salas’ April 2014 ruling in FTC v. Wyndham Worldwide Corp., et al. (“Wyndham”) that the FTC has the authority to regulate private companies’...more
On August 24, 2015, the United States Court of Appeals for the Third Circuit issued a precedential opinion in the matter of Federal Trade Commission v. Wyndham Worldwide Corporation, et al., No. 14-3514 (3d. Cir., Aug. 24,...more