Chris Hoofnagle, director of information privacy programs at the University of California Berkeley Center for Law & Technology, described the dismissal efforts as a "Hail Mary effort to stop the FTC from enforcing its unfairness power.
"For decades, long before the FTC became involved in privacy, business groups have tried to cabin the FTC so that it can only enforce wrongs that were addressable by the common law," Hoofnagle said in emailed comments to Computerworld.
In an amicus brief supporting the FTC's position, Hoofnagle noted that the agency's enforcement actions have served as the only effective means of holding companies accountable for failing to protect data entrusted to them by consumers.
Although consumers can suffer substantial harm from a data breach, federal courts have been reluctant to recognize private tort action against breached entities. So the FTC enforcement actions have been the primary protection for consumers, he said.
"Congress, in creating the FTC and in empowering it to police unfair and deceptive trade practices, explicitly gave the agency power to determine what is unfair and deceptive." Trying to make the FTC an entity that can only enforce common law defeats the purpose for which it was created, Hoofnagle said. "[It] raises a basic question: Why have the FTC at all?"
FTC officials could not be reached immediately for comment on the case.
This article, Wyndham lawsuit tests FTCs data security enforcement authority, was originally published at Computerworld.com.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at Twitter @jaivijayan or subscribe to Jaikumar's RSS feed Vijayan RSS. His e-mail address is firstname.lastname@example.org.
See more by Jaikumar Vijayan on Computerworld.com.