FTC Confirmed to Have Power to Sue Companies for Security Breaches in the US

  • US Courts have ruled that the FTC (Federal Trade Commission) does indeed have the power to go after companies that fail to protect customer data appropriately. Unlike many other agencies or certifications (HIPAA, PCI, etc.) the FTC can sue you for being insecure, there are no checkboxes to get around doing a good job, you need to actually do security well.

    Wyndham loses to FTC in court.