A court just made it easier for the government to sue companies for getting hacked

Yes, federal regulators can go after firms whose lax security policies result in big hacks and a loss of personal data, the US Third Circuit Court of Appeals ruled Aug 24. That the government should be able to punish businesses that don't protect your private information (despite telling you they do) seems like a no-brainer. But in Washington, there's been a big debate over just how far the Federal Trade Commission can go in protecting consumers from hackers.The decision clarifies the FTC's powers, giving it more ammunition against businesses that fail to invest in their own security. And that could be good news for consumers in light of the growing pace of online attacks against firms such as Ashley Madison, the extramarital dating site that got breached and exposed at least 30 million customer records.

The court's decision finds that the FTC acted appropriately when it sued Wyndham Worldwide Corporation, a massive international hotel chain and hospitality conglomerate, after Wyndham was hacked three times in two years, exposing the credit card data of more than 600,000 customers. The FTC has aggressively pursued data security cases in recent years, though much of the time it settles with the companies it investigates. The Wyndham case is a notable exception and is expected to become even more relevant as hacking and data breaches become mainstream occurrences. With the appellate court ruling in the FTC's favor, the agency could become emboldened to act even more decisively against businesses it believes are being deceptive about its security practices.