A federal judge has ruled that the Federal Trade Commission has the power to enforce data security standards. In the case FTC v. Wyndham, the Commission alleged that criminals stole hundreds of thousands of credit card numbers from hotel guests because Wyndham Hotels maintained lax data security. Wyndham responded that the FTC could not bring an enforcement action against the company without first publishing regulations. Judge Esther Salas held that the FTC's authority to investigate "unfair or deceptive" business practices included data protection. FTC Chairwoman Edith Ramirez stated earlier, "Companies should take reasonable steps to secure sensitive consumer information. When they do not, it is not only appropriate, but critical, that the FTC take action on behalf of consumers." For more information, see EPIC: Federal Trade Commission, and EPIC: Big Data and the Future of Privacy.
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a by-monthly newsletter highlighting emerging privacy issues.