A Legal Guide to PRIVACY AND DATA SECURITY 2024

On December 9, 2015, Wyndham entered into a settlement agreement with the FTC that, among other things, requires the establishment of a comprehensive information security program, designed to protect cardholder data, that conforms to PCI-DSS, annual information security audits, and safeguards in connection with franchisee servers. The Wyndham obligations remain in effect for 20 years.

Unique Issues for Franchised or Fragmented Businesses. The Wyndham case also highlights the unique issues that franchised or licensing-based systems face in complying with data privacy and security laws. Computer systems that collect personal data, whether fully integrated or stand-alone, may hold differing legal risks in the event of a data breach. These liability issues should be carefully considered when establishing the computer systems, data access, and the relevant agreements between the various parties. The 20-year FTC/Wyndham settlement agreement requires the company to conduct annual information security audits and maintain safeguards in connection with franchisee servers.

FTC Setback. Just weeks before the Wyndham settlement, the FTC lost a case it had brought against cancer screening laboratory LabMD. The laboratory had been accused of two data breaches when a company spreadsheet with sensitive personal information was found on a peer-to-peer network. On November 13, 2015, after seven years of litigation, an FTC Chief Administrative Law Judge dismissed the FTC complaint because the FTC failed to prove that LabMD’s alleged failure to employ reasonable and appropriate data security caused, or was likely to cause, substantial injury to consumers. The Judge stated that the alleged unreasonable data security of LabMD cannot properly be declared an unfair act or practice in violation of Section 5(a) of the FTC Act. Some suggest that this case may result in FTC enforcement actions being more focused on cases where actual harm can be demonstrated and not the mere possibility of harm to consumers.
