All posts in Class Actions

Why Do Lawsuits for Data Breaches Continue Even Though the Law Is Against Plaintiffs?

Daniel Solove
Founder of TeachPrivacy

chess pic 1

by Daniel J. Solove

If there’s a big data breach, the class action lawyers will start nipping like a bunch of hungry crocodiles. Upwards of forty separate lawsuits were filed against Target after its data breach, and one was filed the day after the breach became public knowledge.

The law, however, has thus far been far from kind to plaintiffs in data breaches. Most courts dismiss claims for lack of harm. I have written extensively about harm in a series of posts on this blog, and I have chided courts for failing to recognize harm when they should.

Continue Reading

Why the C-Suite Should Have Coffee with the Privacy and Security Officers Every Week

Daniel Solove
Founder of TeachPrivacy

 

c suite blog 1

by Daniel J. Solove

As I discussed in a previous post, the two key things that organizations can do to prevent data incidents can be summed up in a simple rhyme:

The C-Suite must care

The workforce must be aware

In this post, I want to focus on the “C-Suite” – a term used for the upper management of an organization, its top officers.

The C-Suite must care about data security.

But far too often, the C-Suite doesn’t fully appreciate the risks and could use a better understanding of the law.

Continue Reading

Do Privacy Violations and Data Breaches Cause Harm?

Daniel Solove
Founder of TeachPrivacy

L

by Daniel J. Solove

In two earlier posts, I’ve been exploring the nature of privacy and data security harms.

Post 1: Privacy and Data Security Violations: What’s The Harm?

Post 2: Why the Law Often Doesn’t Recognize Privacy and Data Security Harms

In this post, I want to explore two issues that frequently emerge in privacy and data security cases: (a) the future risk of harm; and (b) individual vs. social harm.

Continue Reading

Why the Law Often Doesn’t Recognize Privacy and Data Security Harms

Daniel Solove
Founder of TeachPrivacy

why the law blog 1

by Daniel J. Solove

In my previous post on privacy/security harms, I explained how the law is struggling to deal with privacy and data security harms. In this post, I will explore why.

The Collective Harm Problem

One of the challenges with data harms is that they are often created by the aggregation of many dispersed actors over a long period of time. They are akin to a form of pollution where each particular infraction might, in and of itself, not cause much harm, but collectively, the infractions do create harm.

Continue Reading

Privacy and Data Security Violations: What’s the Harm?

Daniel Solove
Founder of TeachPrivacy

privacy and data security violation blog 1

by Daniel J. Solove

“It’s just a flesh wound.”

Monty Python and the Holy Grail

Suppose your personal data is lost, stolen, improperly disclosed, or improperly used. Are you harmed?

Suppose a company violates its privacy policy and improperly shares your data with another company. Does this cause a harm?

In most cases, courts say no. This is the case even when a company is acting negligently or recklessly. No harm, no foul.

Continue Reading