11 Jul Two cases could disrupt FTC’s data security authority
Quote from SC Magazine
It is commonly said that all businesses should expect to be breached at one point or another. And after that, the Federal Trade Commission (FTC) could come knocking.
But hotelier Wyndham Worldwide and medical testing provider LabMD are two companies that are pushing back against separate investigations launched by the consumer protection agency, which asserts that the two companies experienced data breaches that exposed sensitive client information. The results of the cases could decide whether the FTC can continue to punish companies that have been breached.
Mark Eichorn, assistant director of the division of privacy and identity protection at the FTC, told SCMagazine.com that the Wyndham case was filed and briefed in Arizona, and recently changed venues to New Jersey, where there is a pending motion to dismiss filed by Wyndham.
“That motion has been briefed for a while,” Eichorn said, explaining that a ruling expected in mid-June never came to pass, and now it’s just a question of when the court will rule on it. “In Arizona, it was pending for a while and was never ruled on,” he said.
While he could not comment on the LabMD proceedings, since they are not currently available to the public, he did say that a motion to dismiss the complaint was rejected by the FTC – meaning LabMD is required to respond to the FTC’s Civil Investigative Demand (CID).
