In a ruling this week, a US federal judge affirmed the Federal Trade Commission's authority to file lawsuits against companies for failing to take "reasonable and appropriate" data security measures, rejecting a claim that the agency lacks that power.
District Judge Esther Salas of the US District Court of New Jersey denied Wyndham Worldwide's motion to dismiss a 2012 suit filed against it by the FTC, clearing the way for the hotelier to stand trial on charges of deceptive and unfair business practices.
Wyndham had argued that such lawsuits were outside the FTC's discretion, likening the case to FDA v Brown & Williamson Tobacco Corp., in which the Supreme Court found that the Food and Drug Administration lacked the authority to regulate cigarettes.
But in a 42-page opinion [PDF], Judge Salas disagreed, saying, "the Court rejects this challenge to the FTC's authority because the circumstances here differ from those in Brown & Williamson."
Now these may be worth getting ringside seats for...define "reasonable and appropriate" measures...I dare you!
Webroot SecureAnywhere Complete Beta Tester v220.127.116.11, imaged by Macrium Reflect v7.1