Verstraete and Zarsky, ‘Optimizing Breach Notification’

ABSTRACT
Maintaining data security is a crucial social objective in the digital age. An emerging strategy to ensure adequate security is through breach notification laws, which require firms to provide notice upon discovering a security breach. These laws are pervasive. All fifty states, several federal laws, the EU’s GDPR and the OECD have incorporated notification schemes into an array of privacy and data security efforts. However, these laws are also in flux. Jurisdictions are constantly updating these laws by introducing new definitions, requirements and exceptions. In view of the important regulatory challenges ahead, this Article interrogates the structure and efficacy of the diverse set of data breach notification statutes and proposes an optimal regulatory path forward. In doing so, it provides crucial insights about both breach notification laws and theories about legal remedies more generally …

Verstraete, Mark and Zarsky, Tal, Optimizing Breach Notification (July 14, 2020). University of Illinois Law Review, volume 2021.

Leave a Reply