U.S. Court of Appeals for the Third Circuit

Case Status


Docket Number

14-8091; 14-3514


Case Updates

Settlement reached

December 08, 2015

A settlement was subsequently reached in the U.S. District Court for the District of New Jersey.

Third Circuit upholds FTC's data security enforcement actions

August 24, 2015

The Third Circuit affirmed a lower court ruling that the Federal Trade Commission (“FTC”) has authority under the so-called “unfairness” prong of Section 5 of the FTC Act to bring enforcement actions against companies that the agency determines have “unreasonable” cybersecurity protections.

U.S. Chamber files additional amicus brief

October 14, 2014

After the Third Circuit granted Wyndham's petition to appeal the case, the U.S. Chamber led coalition filed an additional amicus brief on the merits of the case. The Chamber again urged the Court to rule against the FTC in their lawsuit that claimed the defendant companies engaged in “unfair” trade practices because they allegedly lacked “reasonable” data security measures to prevent hackers from breaching its data defenses.

Motion for interlocutory appeal granted

July 29, 2014

U.S. Chamber urges Third Circuit to clarify FTC's authority to regulate data security

July 10, 2014

The U.S. Chamber of Commerce filed a coalition brief detailing the interests in further explaining legal and policy implications of permitting appeal of the District Court's order denying Wyndham's motion to dismiss in this data security enforcement suit. The Chamber argues that an appellate decision resolving Wyndham’s questions about the Federal Trade Commission’s general authority to regulate data security and the related question of the sufficiency of the Commission’s guidance about what constitutes commercially reasonable security measures, would provide much needed clarity. The brief points out that a FTC investigation would impose substantial costs, including costs related to the production of documents and information responsive to the Commission’s requests. With the greater certainty that an appellate decision would provide, businesses would be able to better allocate their scarce resources toward compliance with the complex regulatory regime governing data security. Continued uncertainty about whether the FTC has the authority to bring Section 5 data security enforcement actions imposes significant costs on businesses that are subject to an FTC investigation or that expend resources trying to define what practices the Commission considers to be “reasonable” and “appropriate".

This brief was filed jointly with the American Hotel & Lodging Association and the National Federation of Independent Business.

Catherine E. Stetson and Sean Marota of Hogan Lovells US LLP represented the U.S. Chamber of Commerce as co-counsel to the U.S. Chamber Litigation Center.

Case Documents