Federal Trade Commission v. Wyndham Worldwide Corporation: Regulatory Implications for Consumer-Related Data Breaches

October 27, 2015

The U.S. Court of Appeals for the Third Circuit recently affirmed the Federal Trade Commission’s broad enforcement authority in cybersecurity under the unfairness prong of Section 5 of the FTC Act. In the closely watched case, the court held that Wyndham Worldwide Corporation (‘‘Wyndham’’) was not “entitled to know with ascertainable certainty the cybersecurity standards by which the FTC expected it to conform.”

Since 2005, the FTC has been the leading federal agency policing consumer-related data breaches and has instituted more than 50 enforcement actions during that time, almost all of which have resulted in settlements or consent decrees. Wyndham is one of only two companies that have challenged the FTC’s authority in this area.

To continue reading Craig Newman and Scott Caplan's article in the November/December 2015 edition of Pratt's Privacy & Cybersecurity Law Report, please click here.