U.S. Chamber Institute for Legal Reform

When the prospect of large monetary settlements is on the table, no business sector is secure from plaintiffs' attorneys. In this pattern, there is a growing campaign by the plaintiffs' bar to target data privacy and security in the hopes of striking it rich in a new goldmine on the level of the asbestos litigation of the 1970s, 80s, and 90s. The plaintiffs' bar appears to be taking advantage of the unfortunate reality that data breaches are becoming more commonplace, privacy laws and regulations in the U.S. are in flux, federal and state regulators are hungry for a new privacy framework, and consumers and citizens are confused about what protections, if any, apply to their information. In doing so, plaintiffs' attorneys are undertaking to expand regulation of and legal exposures for businesses in this area and also are stretching old laws to address new situations involving privacy in unintended ways.

Authors: Kimberly Chow Divonne Smoyer

Plaintiffs’ attorneys are engineering a staggering expansion of liability in the areas of privacy and data security. Class action lawyers are pursuing data privacy cases and amassing fortunes even where no one has been harmed. An alleged “breach” may have resulted when a laptop was lost, for example, but if the information on it was never accessed, no identity theft or other damage will have resulted. But the absence of actual harm does not stop plaintiffs from pursuing legal theories such as “unjust enrichment,” among others.

To read this article in full, please visit instituteforlegalreform.com.