Featured

Proposed bill imposes stiff penalties and compensates consumers for data breaches

Last September, shortly after Equifax disclosed a massive data breach, regulatory agencies moved quickly to adopt regulations intended to better protect consumers from data breaches.  Last week, Congress took a first step toward codifying such protections.

Continue reading

Featured

Jail time for concealing a data breach? The Uber breach raises the stakes again in relation to breach response.

On November 30, three Senate Democrats introduced the now third pending bill concerning data breach response and substantive data security requirements, all three of which came in the wake of the Uber and Equifax data breaches, and the stunning revelation that Uber hid the breach for over a year.  Indeed, as is now well known, Uber went so far as to pay a hacker or hackers to conceal the breach and delete the compromised data.

Continue reading

Featured

Rise of the Plaintiff Jurisdictions - Local Edition (with some help from the Plaintiffs’ bar)

Like a rider hailing an overcrowded uberPOOL heading to O’Hare on a busy weekday, the City of Chicago has joined the feeding frenzy surrounding the recently disclosed and controversially handled Uber breach. 

Continue reading

Featured

Turning Bad Breach Response Up to 11: Uber Shows Us What (Else) to Avoid in Response to a Breach

At the recent 2017 GreyCastle Cybersecurity Symposium: Generation Cyber, I had the pleasure of presenting the “Top 10 Legal Pitfalls to Avoid in Relation to a Data Breach.”

Continue reading

Featured

Courts Becoming More Attuned to Identity Theft Risks Following Data Breaches

For years now, business organizations have had a ready and reliable defense to the customer class-action lawsuits that inevitably follow whenever a new data breach is announced: You can’t sue us because any damage from the breach is purely speculative unless the names, addresses, credit card numbers, etc., that were stolen in the attack have actually been misused for fraudulent purchases or identity theft.  No harm (yet), no foul.

Continue reading

Disclaimer

This website presents only general information not intended as legal advice. Although we encourage calls, letters and emails from prospective clients, please keep in mind that merely contacting Harter Secrest & Emery LLP (HSE) does not establish an attorney-client relationship between us. Confidential information should not be sent to HSE until you have been notified in writing by HSE that a formal attorney-client relationship has been established. Information sent to us before then may not be treated as confidential by HSE or the court.

I have read this and agree     Cancel