PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Why Do Lawsuits for Data Breaches Continue Even Though the Law Is Against Plaintiffs?

chess pic 1

by Daniel J. Solove

If there’s a big data breach, the class action lawyers will start nipping like a bunch of hungry crocodiles. Upwards of forty separate lawsuits were filed against Target after its data breach, and one was filed the day after the breach became public knowledge.

The law, however, has thus far been far from kind to plaintiffs in data breaches. Most courts dismiss claims for lack of harm. I have written extensively about harm in a series of posts on this blog, and I have chided courts for failing to recognize harm when they should.

Continue Reading

How Should the Law Handle Privacy and Data Security Harms?

law handle privacy and data security harms 1

by Daniel J. Solove

In three earlier posts, I’ve been exploring the nature of privacy and data security harms.

In the first post, Privacy and Data Security Violations: What’s The Harm?, I explored how the law often fails to recognize harm for privacy violations and data breaches.

In the second post, Why the Law Often Doesn’t Recognize Privacy and Data Security Harms, I examined why the law has struggled in recognizing harm for privacy violations and data breaches.

Continue Reading

Do Privacy Violations and Data Breaches Cause Harm?

L

by Daniel J. Solove

In two earlier posts, I’ve been exploring the nature of privacy and data security harms.

Post 1: Privacy and Data Security Violations: What’s The Harm?

Post 2: Why the Law Often Doesn’t Recognize Privacy and Data Security Harms

In this post, I want to explore two issues that frequently emerge in privacy and data security cases: (a) the future risk of harm; and (b) individual vs. social harm.

Continue Reading

Privacy and Data Security Violations: What’s the Harm?

privacy and data security violation blog 1

by Daniel J. Solove

“It’s just a flesh wound.”

Monty Python and the Holy Grail

Suppose your personal data is lost, stolen, improperly disclosed, or improperly used. Are you harmed?

Suppose a company violates its privacy policy and improperly shares your data with another company. Does this cause a harm?

In most cases, courts say no. This is the case even when a company is acting negligently or recklessly. No harm, no foul.

Continue Reading