Trends Report

Brief: FTC Vs. Wyndham Ruling Further Solidifies The FTC's Role In US Data Security

Firms Find Themselves In The FTC's Crosshairs By Violating Basic Security Principles

June 2nd, 2014
Heidi Shey, Principal Analyst
Heidi Shey Principal Analyst
Chris Sherman, null
Chris Sherman
Nick Hayes, null
Nick Hayes
With contributors:
Stephanie Balaouras , Andrew Hewitt , Renee Murphy , Jennie Duong

Summary

Security and risk (S&R) professionals: If the US Federal Trade Commission (FTC) was not on your radar before, it should be now. Protecting consumers and consumer privacy is one of several mandates for the FTC, and the April 8, 2014 US District Court for the District of New Jersey ruling in the FTC vs. Wyndham case solidifies the FTC's scope and ability to regulate consumer data security and privacy matters. The FTC asserted that Wyndham Hotels and Resorts failed to maintain reasonable and appropriate data security measures for its customers' personal information, which violated section 5(a) of the FTC Act under which "unfair or deceptive acts or practices in or affecting commerce" are considered unlawful. Wyndham Hotels and Resorts, in turn, challenged the FTC's authority over data security and sought to dismiss the FTC's complaint — and lost. This brief examines the FTC's goals and role in data security and privacy, highlights from the FTC vs. Wyndham case, and future implications for S&R pros.

Want to read the full report?

Contact us to become a client

This report is available for individual purchase ($1495).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.