Data breach here, data breach there, data breach everywhere. Does that mean that there will be lawsuits? Probably. Does that mean they will be successful? Who knows.
At Bachuwa Law, I help consumers who have been aggrieved by corporate giants. I’ll continue to fight for the little guy when a company has done something wrong. However, just because something negative has happened does not mean that the consumer is entitled to relief. While I would argue that consumers shouldn’t have to pay for credit monitoring for the rest of their lives if a company exposes their data, there is not a law that automatically penalizes a company for its negligence.
The weakness in the consumer claim is that the consumer cannot prove that they have been damaged, i.e. somebody stole the consumer’s data from company X and that the stolen data has been exploited to the consumer’s detriment. If or when the stolen data is used, the company will argue that there were intervening events that exculpate it from liability, i.e. that the data was stolen by another breach or by other means. Unless the legislator enacts laws that automatically hold companies accountable if data is breached, consumers will continue to have few legal options to combat these breaches.
Unless you are in the EU. The internet is not just about the US.
Really? Well I’m only a lawyer in the US. Maybe ETPOL can write a post for eu