On 24 August 2015, The United States Court of Appeals for the Third Circuit ruled in a case between Wyndham Hotels and the Federal Trade Commission that the Federal Trade Commission has the power to take action against companies that employ poor IT security practices. This decision has reaffirmed the FTC’s authority to hold companies accountable for failing to safeguard consumer data.

Federal Trade Commission v Wyndham Hotels and Resorts (PDF)