by Wendy Davis
Wyndham Hotels, which suffered three separate data breaches between 2008 and 2010, is asking a federal appellate court to throw out Federal Trade Commission charges stemming from the company’s cyber-security practices.
The FTC alleged in a 2012 lawsuit that Wyndham engaged in an unfair business practice by failing to take reasonable security measures, such as using firewalls, encrypt credit card information and encrypting credit-card information.
But Wyndham says that it is the victim in this case, and shouldn’t now face charges due to the actions of fraudsters.
“As a matter of law and common sense, a business cannot be deemed to have engaged in an ‘unfair’ practice where, as here, that business itself was the victim of criminal conduct by others,” Wyndham argues in papers filed this week with the 3rd Circuit Court of Appeals.