DataSecurityLaw.com is the firm’s resource for the latest news, analysis, and thought leadership in the critical area of privacy and cybersecurity law. Patterson Belknap’s Privacy and Data Security practice provides public and private enterprises, their leadership teams and boards with comprehensive services in this critical area. Our team of experienced litigators, corporate advisors and former federal and state prosecutors advises on a broad range of privacy and data protection matters including cyber preparedness and compliance, data breach response, special board and committee representation, internal investigations, and litigation.
Among other things, 2018 was the year of the shareholder data breach stock-drop lawsuit. As we’ve previously reported, it was the year that shareholders began routinely suing companies after an announcement of a data breach, seeking damages for a hit to the company’s stock price.
It’s become almost routine. A public company suffers a data breach at the hands of hackers, its stock price slides and the securities fraud class action lawsuits pile on.
As we recently reported, it’s a new trend in securities fraud class actions. Shareholders claim that public companies have improperly inflated their stock value either by failing to timely disclose data security incidents or latent vulnerabilities that rendered the company’s systems susceptible to a cyberattack.
Many believe that blockchain technology will revolutionize the way humans interact, in business and beyond. Though cryptocurrency is the topic du jour, blockchains can do much more than just enable digital currencies: they can be used to transform the way we store and manage many kinds of data, from real property and voting records to intellectual property licenses and medical information, and more. If blockchain is mainstreamed, courts will inevitably be faced with disputes arising out of the differences between blockchain and current methods of managing transactional data.
This morning, the long-running dispute between Microsoft Corp. and the U.S. government regarding data stored abroad was resolved by the United States Supreme Court. As we’ve previously discussed, the case posed the question: must U.S. companies comply with warrants issued under the Stored Communications Act (“SCA”) that demand data stored in a foreign country? Today, the Supreme Court concluded that newly enacted legislation had effectively ended the case, making the Court’s involvement unnecessary.
Shareholders may have found a new hook for data security lawsuits.
The federal Computer Fraud and Abuse Act of 1986 (“CFAA”) has generated controversy and disagreement among courts and commentators regarding the scope of its application. The statute, 18 U.S.C. § 1030, which provides for both criminal and civil penalties, prohibits accessing a computer or protected computer “without authorization” or in a manner “exceeding authorized access.” Courts are divided as to the meaning of these phrases, yet the U.S. Supreme Court recently declined the opportunity to resolve the circuit split that has developed, leaving the exact scope of this important statute in question.
Over the past several years, we have witnessed a fundamental shift in orchestrated cyber-attacks from hacking credit card data and healthcare information to targeting businesses, their operations and bottom lines.
New filings in the consolidated Home Depot data breach litigation, which we have previously covered on this blog, indicate that Home Depot and the remaining financial institution plaintiffs have reached a settlement.
Back in December of last year, we reported that for the first time, a U.S. law firm – Johnson & Bell, a mid-sized Chicago firm – was publicly named in a class action data security lawsuit. Last month, the firm obtained a significant victory in the case.
