In an ongoing battle in the District Court of New Jersey, Wyndham Worldwide Corporation (Wyndham) is attempting to fight back against the Federal Trade Commission’s (FTC) authority to hold them liable for their data security failures. The FTC initially filed a complaint against Wyndham in June 2012 in a District Court in Arizona. The case was later transferred to New Jersey. Now, the company has filed a motion to dismiss based on its view that the FTC is overstepping its bounds in filing the complaint.
Now, based on the FTC’s allegations, Wyndham argues that the FTC is overstepping its Section 5 authority by attempting to (a) punish the company for the breaches and (b) set data security standards. Wyndham’s arguments were supported by a brief submitted by the National Chamber Litigation Center, a separately funded affiliate of the US Chamber of Commerce, which has previously argued that the FTC is attempting to act outside of the legislative process and that this raises due process concerns. Despite these arguments, the FTC is maintaining its position, stating that its Section 5 authority was specifically created to empower it to address “unanticipated practices in a changing economy.”