Opinion

Hey “Chicken Littles,” Wyndham Doesn’t Mean the Sky is Falling

By Jeff Kosseff, CIPP/US

Based on the extensive news coverage of this week’s court ruling against Wyndham Hotels and Resorts in its battle with the Federal Trade Commission (FTC), one would think that the sky is falling on efforts to resist FTC enforcement actions relating to data security.

More from Jeff Kosseff

Opinion

IAPP Westin Research Center

In Standoff with FTC, Wyndham Shoots Itself in the Foot

The Federal Trade Commission’s (FTC) resounding victory over Wyndham Worldwide Corporation in a U.S. District Court paves the way for increasing privacy and data security action by the agency, which over the past decade has asserted itself as the most forceful and well-respected privacy enforcement authority in the world.

More from Omer Tene

Opinion

Is the Congressional Response to the Target Breach Off-Target?

In the aftermath of the Target breach announced last month, there has been understandable anxiety on the part of consumers and understandable concern by lawmakers about how to respond to large-scale breaches of this type.

In recent weeks, there have been calls by members of Congress for hearings on the Hill. Several Senators have demanded an investigation by the Federal Trade Commission (FTC) and have discussed legislation beefing up the FTC’s enforcement powers—although as I’ve written here previously , the FTC has not exactly needed an engraved invitation to investigate data breaches in recent years and does not seem to have been inhibited at all by the lack of clear (some might say any) authority to do so. And just this week, Sen. Patrick Leahy (D-VT) reintroduced the Personal Data Privacy and Security Act, which among other things would create a national breach notification standard.

More from Jason Weinstein

The Year in Review

2013: The Year of Privacy

Privacy Perspectives word cloud

If there ever was a “year of privacy,” surely it was 2013. A year that ends with dictionary.com selecting “privacy” as “word of the year;” with privacy making front-page headlines in The New York Times and The Washington Post (not to mention The Guardian) on a weekly, indeed almost daily, basis; with cross-Atlantic ties stretched to the limit over privacy issues, the UN passing a privacy resolution and armies of lobbyists spinning BCRs and Do-Not-Track in Washington bars and Brussels cafes—ladies and gentlemen, 2013 was the year of privacy.

More from Omer Tene

Opinion

Can Plaintiffs’ Lawyers Fill the Role of a DPA?

By Jeff Kosseff, CIPP/US

In recent months, authors on this blog have argued about whether the Federal Trade Commission (FTC) or state attorneys general serve as the de facto data protection authority in the U.S.

Both sides are correct.  The FTC and state attorneys general help set the general requirements for privacy and data security, just as DPAs do in Europe.  But another group is playing a role in the shaping of U.S. privacy and not always in a way that benefits society.

More from Jeff Kosseff