‘Data Breach Harms – Bringing in the Courts, or Leaving Them Out?’

Daniel J Solove and Danielle Keats Citron, Risk and Anxiety: A Theory of Data-Breach Harms, 96 Texas Law Review 737 (2018). As more and more of our daily activities and private lives shift to the digital realm, maintaining digital security has become a vital task. Private and public entities find themselves in the position of controlling vast amounts of personal information and therefore responsible for assuring such information does not find its way to unauthorized hands. In some cases, there are strong incentives to maintain high standards of digital security, as security breaches are a real pain. When reports on such breaches are made public, they generate reputation costs, lead to regulatory scrutiny and often call for substantial out-of-pocket expenses to fix. Unfortunately, however, the internal incentives for maintaining high security standards are often insufficient motivators. In such cases, the security measures taken are unfitting, outdated and generally unacceptable. These are the instances where legal intervention is required … (more)

[Tal Zarsky, JOTWELL, 19 February]

Leave a Reply