Main Menu
Posts tagged Federal Trade Commission.

Lawyers often say “bad facts makiStock_000050678972_Largee bad law”. Combine that with weak legal arguments and, well, things can get really bad, really fast. That’s precisely what happened to Wyndham yesterday when the Third Circuit affirmed a federal District Court decision that the Federal Trade Commission (“FTC”) has authority to regulate cybersecurity under the unfairness prong of § 45(a) of the Federal Trade Commission Act. While commentators may disagree on the result from a legal or policy perspective, one thing is for certain, it was a bad result for Wyndham. The decision rejected in no uncertain terms Wyndham's argument that the FTC lacked authority; and not kindly.

Scott Warner, a technology and intellectual property lawyer on our Hospitality, Travel & Tourism team, discusses some implications of the much publicized FTC lawsuit against Wyndham. 

Last month the Federal Trade Commission filed a lawsuit against Wyndham Worldwide Corporations and three of its subsidiaries (“Wyndham”) in U.S. District Court in Arizona. The complaint alleges that Wyndham engaged in unfair and deceptive practices by failing to implement reasonable data security protections on computers used by independently owned Wyndham hotels and because the company’s public privacy policy misrepresented the security measures it actually employed to protect customer’s personal information. Specifically, the Commission alleged that Wyndham:

  • failed to use strong (and in some cases any) passwords to limit access to computer files;
  • failed to use firewalls to separate corporate and hotel computer systems;
  • improperly stored payment information in clear text;
  • failed to implement reasonable measures to detect security breaches;
  • failed to implement proper incident response procedures or  remedial steps after learning of a data breach; and
  • failed to adequately restrict access to company systems by third party vendors.

The claims stem from three separate data breaches over a period of two years in which hackers obtained the private information of more than 600,000 customers, which led to more than $10.6 million in fraudulent charges.

After some delay, the new federal regulations giving gift card holders greater protections took effect recently, adding to a patchwork of state consumer laws already in place. The new regulations apply to both issuers and sellers of store gift cards, gift certificates, and general use prepaid cards, such as prepaid Visas or Mastercards, sold after August 22, 2010. We’ve seen our clients consider conflicts between state and federal law, advertising policies for resellers, tax recognition on gift card income, and unclaimed property laws.

Search This Blog

Subscribe

RSS RSS Feed

Greg Duff
Editor
Greg Duff founded and chairs Foster Garvey’s national Hospitality, Travel & Tourism group. His practice largely focuses on operations-oriented matters faced by hospitality industry members, including sales and marketing, distribution and e-commerce, procurement and technology. Greg also serves as counsel and legal advisor to many of the hospitality industry’s associations and trade groups, including AH&LA, HFTP and HSMAI.

Recent Posts

Topics

Select Category:

Archives

Select Month:

Contributors

Back to Page

We use cookies to improve your experience on our website. By continuing to use our website, you agree to the use of cookies. To learn more about how we use cookies, please see our Cookie Policy.