Court: FTC can take action on corporate data breaches

The US Court of Appeals has ruled that the FTC mandate to protect consumers against fraudulent, deceptive and unfair business practices extends to oversight of corporate cybersecurity efforts — and lapses. But security experts are split about whether the decision will help improve enterprise security.

“It is not only appropriate, but critical, that the FTC has the ability to take action on behalf of consumers when companies fail to take reasonable steps to secure sensitive consumer information,” said Federal Trade Commission Chairwoman Edith Ramirez in a statement.

Specifically, last week’s decision allowed the FTC to take action against Wyndham Hotels and Resorts for failing to reasonably protect consumers’ personal information between 2008 and 2010, when hackers broke in three times and stole more than 600,000 bank card numbers.

To read this article in full or to leave a comment, please click here