Skip to main content

Wyndham Gets Life Preserver in Data Breach Case

Written by Adam Veness

New Jersey U.S. District Judge Esther Salas agreed to allow Wyndham Hotels and Resorts LLC to immediately appeal to the Third Circuit a ruling affirming the FTC’s authority to bring data security cases.  We have been following this case since the beginning, and you can see our last post here.

Judge Salas noted that businesses and consumers nationwide would benefit from appellate review of the issues.  In granting Wyndham’s motion for interlocutory review of her order refusing to dismiss the case, she certified to the Third Circuit the following two questions:

1) Whether the Federal Trade Commission can bring an unfairness claim involving data security under Section 5 of the Federal Trade Commission Act, 15 U.S.C. § 45(a); and

2) Whether the Federal Trade Commission must formally promulgate regulations before bringing its unfairness claim under Section 5 of the Federal Trade Commission Act, 15 U.S.C. § 45(a).

While recognizing that interlocutory certification should be used sparingly, Judge Salas noted that the circumstances here appear sufficiently exceptional to justify certification for interlocutory appellate review.  She further acknowledged “the nationwide significance of the issues in the action, which indisputably affect consumers and businesses in a climate where we collectively struggle to maintain privacy while enjoying the benefits of the digital age.”

With this latest development, Judge Salas has thrown Wyndham a life vest and allowed it to fight another day on these high stakes questions surrounding the FTC’s authority.  The implications of a Third Circuit ruling in Wyndham’s favor cannot be understated, and could have the potential to prompt quick action by Congress to establish the FTC’s authority.

Stay tuned!

Earlier Posts:

FTC v. Wyndham: Wyndham Calls for Back-Up  (8/5/2013)

The FTC Fires Back Against Wyndham (11/2/2012)

Wyndham Motion Puts the FTC on the Defensive (8/31/2012)

FTC Sues Wyndham Hotels (6/27/2012)


Subscribe To Viewpoints


Cynthia J. Larose

Member / Co-Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.