Share these talks and lectures with your colleaguesInvite colleagues
Data breach litigation and regulatory enforcement: A survey of our present and how to prepare for the future
Americans have grown accustomed to the drumbeat of data breaches, particularly because most have involved credit card data where individuals are protected from harm and almost never suffer out-of-pocket losses. But the more recent data breaches — Equifax, Yahoo! and the United States Office of Personnel Management — raise new concerns because of the amount of highly sensitive data that has been compromised. These compromises have caught the attention of the Federal Trade Commission (FTC), state attorneys general and Congress, and, as a result, the approaches to privacy-related harms are changing. This paper explores the circuit courts of appeals‘ approaches to privacy harms in data breach cases, specifically with regard to Article III standing, and the FTC‘s approach in its privacy and cyber security enforcement actions. After examining both approaches, this paper concludes with insights into best practices on dealing with the shifting legislative, judicial and regulatory climate surrounding breaches.
The full article is available to institutions that have subscribed to the journal.
Behnam Dayanim is a partner in the Washington, DC office of the international law firm Paul Hastings LLP, where he is global co-chair of the Privacy and Cybersecurity Practice and chair of the Advertising and Gaming Practice.
Edward George is an associate in the Privacy and Cybersecurity Practice and the Advertising and Gaming Practice groups.