Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Mac News > Appeals court opens door to FTC oversight of corporate cyber security

Appeals court opens door to FTC oversight of corporate cyber security
Thread Tools
NewsPoster
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Aug 25, 2015, 09:05 AM
 
The Third US Circuit Court of Appeals in Philadelphia has ruled in a lawsuit against Wyndham hotels, that the Federal Trade Commission (FTC) has the authority to regulate and enforce corporate IT security policies and failures. The appeal ruling opens the door to the regulatory agency to take pre-emptive measures, should it see fit, but also confirms the agency's power to protect the citizenry and file lawsuits on its behalf for companies such as Wyndham, Target, Ashley Madison, and others who have failed to secure customers' personal information.

Trying to reject the FTC's lawsuit about the hotel's multiple breaches after 2008 exposing 619,000 consumers, the company claimed that the ruling would allow the FTC to sue supermarkets that failed to sweep up banana peels, and give the agency sweeping powers to regulate hotel door locks. Circuit Judge Thomas Ambro refuted that argument, saying that Wyndham's defense "invites the tart retort that, were Wyndham a supermarket, leaving so many banana peels all over the place that 619,000 customers fall hardly suggests it should be immune from liability."

The ruling was unanimous, and the trial, filed in June of 2012 will proceed. Wyndham spokesman Michael Valentino said of the appeals court ruling that "safeguarding personal information remains a top priority" and "we believe the facts will show the FTC's allegations are unfounded." The FTC has made no comment about the ruling.
( Last edited by NewsPoster; Aug 25, 2015 at 09:06 AM. )
     
Hillbilly Geek
Fresh-Faced Recruit
Join Date: Aug 2006
Location: NW NC
Status: Offline
Reply With Quote
Aug 25, 2015, 09:51 AM
 
Oh, joy. The Fed will protect us. I feel s much better now.
     
prl99
Senior User
Join Date: Mar 2009
Location: pacific northwest
Status: Offline
Reply With Quote
Aug 25, 2015, 09:59 AM
 
I see no reason why a government agency shouldn't have some oversight into corporate (lack of) security. (@Hillbilly) You can complain all you want about the Feds lack of protection but government systems are approved and monitored while corporate systems, which handle a whole lot more of our money, are left without any oversight at all. As taxpayers (at least I'm one) we should be able to demand oversight into these companies to make sure they adequately protect my identity and access to my money. Will it fix everything? No, but it's a start.
     
TheGreatButcher
Senior User
Join Date: Jun 2000
Location: Sydney, Australia
Status: Offline
Reply With Quote
Aug 25, 2015, 11:03 AM
 
The last thing we need is another self serving regulatory body that only seeks to increase its own bloat.
     
just a poster
Forum Regular
Join Date: Jun 2004
Status: Offline
Reply With Quote
Aug 25, 2015, 12:35 PM
 
Good comments here, I concur with all of them. It's all about enforcement/execution, not regulations.

Banking industry cybersecurity can mostly be self-policed, the banks are as of now on the hook for breaches involving the theft of money.

On the other hand, companies like facebook, ashley madison, apple icloud et al do need some standards for security and protecting their customers' data.
     
prl99
Senior User
Join Date: Mar 2009
Location: pacific northwest
Status: Offline
Reply With Quote
Aug 25, 2015, 01:33 PM
 
Enforcement doesn't happen without regulation or financial impact. Who's going to enforce Wyndham and all the others? There's no such thing as self-enforcement. Even banks, (dated) http://www.banktech.com/compliance/state-governments-and-the-future-of-cyber-security-regulation/d/d-id/1279216, "With Washington deadlocked by partisanship, it's falling to states to inspect banks' cyber security practices, and that could mean trouble for some small institutions." have little cyber security regulation. There are some corporate regulations, mainly HIPPA, but these don't cover places like Target, Home Depot, or Wyndham. If you want your purchases and bank accounts protected, then tell your congressional representatives to quit screwing around and do something instead of simply playing politics.
     
elroth
Forum Regular
Join Date: Jul 2006
Status: Offline
Reply With Quote
Aug 27, 2015, 10:08 AM
 
Corporatioins should always be allowed to regulate themselves. How else are they going to maximize profits, if they can't screw the consumers, deny everything, and mount a big PR campaign of lies?
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 07:52 AM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,