Previous business/academic article Next business/academic article
Business Articles Awards > General Antitrust

Federal Trade Commission Can Pursue Claims Against Company for Failure to Have Adequate Data Security, Court Rules

Richard Parker, Randall W. Edwards, Maryanne Kane, Katrina Robson, and Mimi Vu, O’Melveny Myers, Client Alerts, April 2014

See Richard Parker's resume See Randall W. Edwards's resume See Maryanne Kane's resume See Katrina Robson 's resume See Mimi Vu 's resume

Click here to read the full article online

In a decision that is likely to result in increased federal enforcement actions against companies that suffer data security breaches but are found not to have taken sufficient steps to protect the data, a federal court on April 7, 2014, upheld the authority of the Federal Trade Commission (“FTC”) to require “reasonable” data-security measures and to pursue a complaint against companies that fail to do so when there is resulting substantial harm to consumers from a breach. See FTC v. Wyndham Worldwide Corp., --- F. Supp. 2d ---, 2014 WL 1349019 (D.N.J. Apr. 7, 2014). The decision is notable as the first federal court opinion addressing a breached entity’s challenge to the FTC’s assertion of broad authority under Section 5 of the FTC Act, which generally prohibits “unfair” or “deceptive” business practices, to enforce data-security standards across most industrial sectors that collect, use, or maintain consumers’ personal information.

© 2022 - Institute of Competition Law Download our brochure