Join us at TNW Conference 2022 for insights into the future of tech →

The heart of tech

This article was published on August 24, 2015

    Judge rules FTC has the authority to govern corporate cybersecurity

    Judge rules FTC has the authority to govern corporate cybersecurity
    Nate Swanner
    Story by

    Nate Swanner

    Former Reporter, TNW

    TNW's former West Coast writer in the PNW (Portland, Oregon). Nate loves amplifying developers, and codes in Swift when he's not writing. If TNW's former West Coast writer in the PNW (Portland, Oregon). Nate loves amplifying developers, and codes in Swift when he's not writing. If you need to get in touch, Twitter is your best bet.

    A U.S. appeals court has ruled the FTC can govern corporate cybersecurity. Citing a law established in 1914 allowing the FTC protect customers from unfair or deceptive trade practices, Circuit Judge Thomas Ambro said the agency can intervene when necessary.

    The ruling comes as the FTC considers legal action against Wyndham Worldwide, a corporation that operates Days Inn, Howard Johnson, Ramada, Super 8 and Travelodge.

    Between 2008 and 2009, hackers broke into Wyndham’s system and sniped credit card and personal info from some 619,000 customers.

    The FTC sued Wyndham in 2012, accusing it of not safeguarding customer data. In this latest ruling, Judge Ambro said Wyndham failed to show its conduct “falls outside the plain meaning of ‘unfair’.”

    The Judge also swatted away Wyndham’s assertion it lacked fair notice from the FTC its security methods were inadequate.

    In his ruling, Ambro wrote “it invites the tart retort that, were Wyndham a supermarket, leaving so many banana peels all over the place that 619,000 customers fall hardly suggests it should be immune from liability.”

    FTC has authority to police cybersecurity: U.S. appeals court [Reuters]