Sign Up for Alerts
Sign up to receive receive industry-specific emails from our legal team.
Sign Up for Alerts
We provide tailored, industry-specific legal updates to our clients and other friends of the firm.
Areas of Interest
July 7th, 2014
Can FTC Bring “Unfairness” Claims in Alleged Data Security Breach Cases?
That's the important question currently before a federal appeals court - a question with huge implications for advertisers and other custodians of sensitive customer data. How did the question arise?
In 2013, the FTC sued Wyndham Worldwide Corporation ("Wyndham") over security breaches of the Wyndham computer systems that allegedly leaked 619,000 customers' personal information, including payment card account numbers, expiration dates, and security codes. The FTC alleged that, after discovering two previous security breaches of its systems by outside hackers, Wyndham "failed to take appropriate steps in a reasonable time frame" to prevent a third compromise of its network, failed to employ reasonable and appropriate measures to protect consumers' personal information against unauthorized access, and that such failures constituted practices that were not only "deceptive" but also "unfair" under Section 5 of the FTC Act.
Wyndham moved to dismiss the FTC's complaint, but a federal trial court denied the motion. In her April 2014 decision, U.S. District Judge Esther Salas found, for the first time, that the FTC not only had authority to bring suits in the data security arena (despite the existence of specific data-security legislation enforced by other federal agencies), but that the FTC did not need to formally promulgate regulations before bringing an unfairness claim for data security breaches. This decision affirmed the FTC's power to pursue enforcement actions against private companies for their data security practices.
Although the trial court proceedings were not yet complete, Wyndham sought an interim review of the April decision. Such reviews - or "interlocutory" appeals - are rarely granted. However, in a victory for Wyndham, Judge Salas agreed to certify two of the case's questions to the U.S. Court of Appeals for the Third Circuit:
- Whether the Federal Trade Commission can bring an unfairness claim involving data security under Section 5 of the Federal Trade Commission Act, 15 U.S.C. § 45(a); and
- Whether the Federal Trade Commission must formally promulgate regulations before bringing its unfairness claim under Section 5 of the Federal Trade Commission Act, 15 U.S.C. § 45(a);
Essentially, this means that a federal appeals court will get a chance to review these particular questions, and to rule on them, before the broader case is ultimately decided by the trial court. In explaining her decision to allow for this unusual "midpoint" legal review, Salas emphasized the nationwide significance of the issues in this action, which she said would "indisputably affect consumers and businesses in a climate where we collectively struggle to maintain privacy while enjoying the benefits of the digital age."
We will keep you apprised of developments in the case as they unfold. If you have questions about data security, privacy , or other technology law issues, please contact S. Gregory Boyd at (212) 826 5581 or gboyd@fkks.com, Hannah Taylor at (212) 705 4849 or htaylor@fkks.com, or any other member of the Frankfurt Kurnit Technology, Digital Media and Privacy Group
Other Technology Law Alerts
Risky Business Just Got Riskier - DOJ Changes Stance on Internet Gambling
Last week the U.S. Department of Justice (DOJ) made waves in the online gambling industry with an Opinion interpreting the Wire Act (18 U.S.C. § 1084). In the Opinion, DOJ's Office of Legal Counsel concluded that most sections of the Wire Act are not limited to sports-related wagers and instead prohibit the use of interstate wires for any bets or wagers. Read more.
January 23 2019
Video Games With Advanced Communications Services Must Now Be Accessible to Players With Disabilities
An important legal waiver recently expired and as a result, video game developers and publishers must now ensure that new and substantially upgraded games comply with the accessibility requirements of the 21st Century Communications and Video Accessibility Act (“CVAA”). Read more.
January 7 2019
Shields On: 9th Circuit Strengthens Legal Defense for Video Game Developers
There's good news for game developers who incorporate real-world elements in their games. On October 20, 2017, the Court of Appeals for the Ninth Circuit affirmed a trial court decision which found that Gran Turismo, a Sony video game, was an expressive work entitled to First Amendment protection Read more.
November 2 2017
