WASHINGTON–Credit unions can look to the Federal Trade Commission to play a larger role when it comes to cybersecurity regulations.
The Third Circuit U.S. Court of Appeals here has upheld the FTC’s authority to enforce regulations related to business practices and the safe storage of consumer data. The ruling came in an appeal by hotel chain Wyndham Worldwide in which the company had been accused of violating the FTC Act's provisions on unfair business practice when it took inadequate security measures to protect consumer data. The FTC said that between 2008 and 2009 data breaches at Wyndham exposed at least 619,000 payments cards, as well as other consumer information.
The FTC originally filed suit against Wyndham Worldwide in 2012 over its lax security. A lower court had ruled in favor of the FTC in that case, which Wyndham Worldwide appealed. At issue was the FTC’s authority related to unfair and deceptive trade practices.