A US appeals court has upheld a decision to grant the Federal Trade Commission the authority to regulate cyber security issues and it plans to resume action against Wyndham Worldwide Corp over its role in three data breaches.
The FTC wants to take action over breaches perpetrated by hackers in 2008 and 2009 which compromised credit card details of more than 600,000 customers costing $10.6 million in fraudulent charges.
The FTC first sued Wyndham in 2012 but the hotel company said the agency had exceeded its authority.
"It is not only appropriate, but critical, that the FTC has the ability to take action on behalf of consumers when companies fail to take reasonable steps to secure sensitive consumer information," said FTC chairwoman Edith Ramirez.
FTC sued Wyndham for ‘unreasonably and unnecessarily’ exposing sensitive customer data to the risk of cybertheft.
Despite the setback for Wyndham it will continue to fight the case.
"Safeguarding personal information remains a top priority. We believe the facts will show the FTC’s allegations are unfounded," said company spokesman Michael Valentino.
Congress has not yet adopted robust legislation on data security.
For this case, the FTC successfully pointed to an existing 100-year old law giving it jurisdiction to protect consumers from unfair and deceptive trade practices.















