Here’s another commentary/analysis of Judge Salas’s ruling on Wyndham’s motion to dismss that is worth noting here, by the law firm of Covington & Burling: They write, in part:
The FTC’s data-security authority is still in jeopardy. Although the FTC is the plaintiff in this case, it is really Wyndham that is on the offensive. If Wyndham prevails in the court of appeals on the issue of the FTC’s statutory authority or the need for rulemaking, it would be a major blow to the agency’s ability to pursue companies for lax data-security practices. Wyndham could also prevail in the district court if the FTC fails to produce sufficient evidence in support of its claims to survive a motion for summary judgment, a result that could be nearly as devastating to the FTC as a loss in the court of appeal. On the other hand, if the FTC manages to win in the district court and the court of appeals, the victory will simply ensure that the agency can continue doing what it has been doing for years: using its unfairness authority to regulate data-security practices.
Read more on Covington & Burling.