http://www.technewsworld.com/story/84747.html
Consumers Gain More Power to Seek Data Breach Damages
This article talks about the following: The federal apples court decision handed down earlier this month, significantly expand the circumstances under which consumers may pursue class actions against companies, CareFirst which had an cyberattack was found not liable for the damage caused to the consumers but the ruling was later overruled by the U.S court of Appeals, with the new ruling companies face massive settlements, and finally companies must up their cybersecurity game or if not they will face litigation which can be very costly.
It will be interesting to see how things unfold in the future. Will companies up their security to prevent from data beaches or take the risk of getting sued? If they decide to up their security, how is that going to affect the daily operation? Also, will we see more pressure from the government where they up the regulation?
Matt Roberts says
This article brings up an issue that will ultimately have a very real effect on how information security is treated by all organizations going forward. This most recent decision from the appellate court grants consumers new leverages to file suit after data breaches, without having to prove actual injury or harm (such as identity theft). With several cases in different courts resulting in different decisions, the issue is far from resolved. However, if this is indicative of what the precedent will be, all organizations will face much more potential exposure in the case of a data breach due to large settlements. The obvious response to this is to invest more in developing their network security systems, but no matter how much capital is dumped on the issue, no network is ever 100% secure. This means companies must develop response and recovery processes that work in as close to real time as possible in order to minimize losses when (not if) a data breach occurs.