Cybersecurity litigation is currently at a crossroads. Courts have struggled in these cases, coming out in wildly inconsistent ways about whether a data breach causes harm. Although the litigation landscape is uncertain, there are some near certainties about cybersecurity generally: There will be many data breaches, and they will be terrible and costly. We thus have seen the rise of cybersecurity insurance to address this emergent and troublesome risk vector.
I am delighted to be interviewing Kimberly Horn, who is the Global Focus Group Leader for Cyber Claims at Beazley. Kim has significant experience in data privacy and cyber security matters, including guiding insureds through immediate and comprehensive responses to data breaches and network intrusions. She also has extensive experience managing class action litigation, regulatory investigations, and PCI negotiations arising out of privacy breaches.
The NY Times has an interesting article about defamation law involving a lawsuit by a judge against a newspaper for libel. The article noted some interesting facts about the nature and cost of defamation litigation:
Lior Strahilevitz (law, Chicago) has a wonderful post over at the Chicago Law Faculty Blog about a very problematic Seventh Circuit opinion — and blunder. The case, Doe v. Smith, involves a teenage girl whose boyfriend secretly videotaped them having sex and then emailed the video to his friends. The issue is whether the plaintiff could proceed on federal Wiretap Act claims. The court said yes. But then the court stated:
In terms of assessing blame, however, in my view it is the attorney for the pseudonymous party who bears the responsibility to ensure that the appellate briefs posted online — and surely the Seventh Circuit’s practice of posting briefs online comes as a surprise to no one — does not reveal the actual identity of the lawyer’s pseudonymous client. . . .
There is no way that an appellate court’s clerk’s office can review filings for the purpose of making appropriate redactions; that is the job of counsel for the parties.
These days, however, most users of the internet understand that every bit of information communicated electronically leaves electronic fingerprints that can be used to trace the source of the information, even if the source hoped to remain anonymous. To be sure, there are ways to anonymize emails and other forms of communication, but they tend to be complicated to use and difficult to figure out. . . .
I doubt whether anonymous blogging is possible. It surely isn’t possible if the blogger conducts email correspondence with others and fails to mask his or her internet protocol address. Plus, even the act of logging on to a blogging service provider, such as TypePad or blogger, leaves electronic fingerprints, and I’d have to assume that “UTR” had a TypePad subscription, enabling someone to subpoena the blog owner’s identity and/or payment information. So, to you anonymous bloggers out there, have fun, but don’t fool yourselves into thinking that simply by not providing your identity you are doing an effective job of remaining hidden.