|
|
Appeals court opens door to FTC oversight of corporate cyber security
|
|
|
|
MacNN Staff
Join Date: Jul 2012
Status:
Offline
|
|
The Third US Circuit Court of Appeals in Philadelphia has ruled in a lawsuit against Wyndham hotels, that the Federal Trade Commission (FTC) has the authority to regulate and enforce corporate IT security policies and failures. The appeal ruling opens the door to the regulatory agency to take pre-emptive measures, should it see fit, but also confirms the agency's power to protect the citizenry and file lawsuits on its behalf for companies such as Wyndham, Target, Ashley Madison, and others who have failed to secure customers' personal information.
Trying to reject the FTC's lawsuit about the hotel's multiple breaches after 2008 exposing 619,000 consumers, the company claimed that the ruling would allow the FTC to sue supermarkets that failed to sweep up banana peels, and give the agency sweeping powers to regulate hotel door locks. Circuit Judge Thomas Ambro refuted that argument, saying that Wyndham's defense "invites the tart retort that, were Wyndham a supermarket, leaving so many banana peels all over the place that 619,000 customers fall hardly suggests it should be immune from liability."
The ruling was unanimous, and the trial, filed in June of 2012 will proceed. Wyndham spokesman Michael Valentino said of the appeals court ruling that "safeguarding personal information remains a top priority" and "we believe the facts will show the FTC's allegations are unfounded." The FTC has made no comment about the ruling.
(
Last edited by NewsPoster; Aug 25, 2015 at 09:06 AM.
)
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Aug 2006
Location: NW NC
Status:
Offline
|
|
Oh, joy. The Fed will protect us. I feel s much better now.
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Mar 2009
Location: pacific northwest
Status:
Offline
|
|
I see no reason why a government agency shouldn't have some oversight into corporate (lack of) security. (@Hillbilly) You can complain all you want about the Feds lack of protection but government systems are approved and monitored while corporate systems, which handle a whole lot more of our money, are left without any oversight at all. As taxpayers (at least I'm one) we should be able to demand oversight into these companies to make sure they adequately protect my identity and access to my money. Will it fix everything? No, but it's a start.
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Jun 2000
Location: Sydney, Australia
Status:
Offline
|
|
The last thing we need is another self serving regulatory body that only seeks to increase its own bloat.
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Jun 2004
Status:
Offline
|
|
Good comments here, I concur with all of them. It's all about enforcement/execution, not regulations.
Banking industry cybersecurity can mostly be self-policed, the banks are as of now on the hook for breaches involving the theft of money.
On the other hand, companies like facebook, ashley madison, apple icloud et al do need some standards for security and protecting their customers' data.
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Mar 2009
Location: pacific northwest
Status:
Offline
|
|
Enforcement doesn't happen without regulation or financial impact. Who's going to enforce Wyndham and all the others? There's no such thing as self-enforcement. Even banks, (dated) http://www.banktech.com/compliance/state-governments-and-the-future-of-cyber-security-regulation/d/d-id/1279216, "With Washington deadlocked by partisanship, it's falling to states to inspect banks' cyber security practices, and that could mean trouble for some small institutions." have little cyber security regulation. There are some corporate regulations, mainly HIPPA, but these don't cover places like Target, Home Depot, or Wyndham. If you want your purchases and bank accounts protected, then tell your congressional representatives to quit screwing around and do something instead of simply playing politics.
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Jul 2006
Status:
Offline
|
|
Corporatioins should always be allowed to regulate themselves. How else are they going to maximize profits, if they can't screw the consumers, deny everything, and mount a big PR campaign of lies?
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|