Sign up for more with a complimentary subscription to Today’s General Counsel magazine.
The Looming Threat Of Data Breach Class Actions
October 26, 2022
A post from law firm Quinn Emanuel begins with a parade of horribles, listing some of the painful consequences suffered by companies that get hit with a data breach. These include the cost of the required technical fix, reputational harm, cost of whatever regulatory action ensues, and a possible decline in share price. To this list, the writers say it’s time to add another, one they say is just now emerging as a real threat: the risk of private litigation in the form of a class action.
These lawsuits are not a totally new development, but plaintiff lawyers have been largely stymied by factors including the latency of the alleged risk, the fact the alleged harm was “incremental,” and the difficulty of establishing standing. But the plaintiff lawyers have risen to the occasion over the past several years, according to the writers, and now private litigation is “a probability, not a possibility, after a major data breach.” In 2021 there were 36 major data breach class actions, according to their count, and that’s a 44 percent increase over 2020. “Private plaintiffs,” they write, “typically race to the courthouse to jockey for position, with complaints now brought on average within four weeks of a breach announcement.”
The writers survey the latest developments in data breach litigation, including the challenges that remain for plaintiffs and their prospects for success, in particular with regard to establishing standing and proving damages. They also discuss some defenses currently being mounted, and finally they provide their take on possible future trends in this area. Among the latter: shareholders attempting to hold executive and board members liable for failing to implement adequate security.
Share this post: