In a speech delivered at a major meeting of state Attorneys General (AGs) in late July, FTC Commissioner Julie Brill emphasized the importance of state AGs’ role in privacy regulation and urged them take an active role in protecting both their own and the FTC’s unfair, deceptive and abusive acts or practices (“UDAAP”) authority.  In her speech, Brill, who used to serve as an assistant AG in Vermont and North Carolina, addressed the FTC’s case against Wyndham Worldwide, Inc. regarding the FTC’s authority under Section 5 of the FTC Act to regulate the hotelier’s corporate data security practices in connection with a data breach.  Brill stated that the FTC is aggressively fighting challenges to its FTC Act Section 5 authority, and reminded states that they have a dog in the same fight given that state UDAAP statutes resemble “mini-FTC Acts.”   Brill invited the AGs to collaborate with the FTC on future challenges to the state and federal agencies’ ability to pursue data security cases using their UDAAP authority.

State AGs have been very active in response to the recent onslaught of data breaches, and with the FTC’s prompting, may become even more engaged in taking action against companies that experience data breaches.  In this environment of increasing scrutiny, both at the federal and state levels, it is more important than ever for companies, including hotels, to prioritize ensuring that proper data security practices are utilized.  Hotels can help protect themselves from the risk of data breach by properly training their employees to comply with robust data-security practices and policies by utilizing Venza’s PCI training modules or other custom learning solutions.

The Venza Group has partnered with the law firm Arnall Golden Gregory (AGG) to create a series of interactive eLearning modules to address PCI compliance in the hotel industry. Management, employees and IT are taught about the requirements they must support as part of the Payment Card Industry Data Security Standards. The Venza Group also has partnered with AGG to create an interactive eLearning module to train hoteliers on general privacy and security awareness issues and on sexual harassment prevention.