December 24, 2015 02:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/2C66CGf8WaY/wyndham-settlement-no-fine-but-more-power-to-the-ftc
Wyndham Settlement: No Fine, But More Power To the FTC
itwbennett writes: Earlier this month, Wyndham settled a lawsuit with the FTC over weak security practices that resulted in 3 major data breaches in 2008 and 2009 that compromised the credit card information of more than 619,000 customers and led to more than $10.6 million in fraudulent charges. But all the settlement requires Wyndham to do 'is what any company that handles credit card data is supposed to have been doing for more than a decade, under the Payment Card Industry Data Security Standard (PCI DSS),' writes Taylor Armerding. There was no fine and it seemed as though Wyndham had 'dodged a bullet', says Armerding, But things are not always as they seem. Because the PCI DSS is not a government standard and is not a law 'the case was not about fines for noncompliance, which the FTC doesn't even have the authority to impose,' says Armerding. 'It was instead about power – the authority of the FTC to charge Wyndham with 'unfair and deceptive' practices because of its security flaws.'Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/2C66CGf8WaY/wyndham-settlement-no-fine-but-more-power-to-the-ftc
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot