Once More Unto the Breach: How Counsel Should Help Clients Prepare for and Respond to Data Incidents – July 1, 2016
Pepper Hamilton
Description
State attorneys general can also bring enforcement actions that may result in heavy
penalties. The COAG has not been shy in bringing privacy enforcement actions. For
example, in 2013, Citibank, N.A. agreed to pay a $420,000 penalty under a stipulated
final judgment arising out of a breach of its Citibank Online website resulting from a
known technical vulnerability that affected more than 80,000 California account
holders.
People v Citibank, N.A. (Cal Super Ct, Aug. 29, 2013, No.
RG13693591) (unpublished order). Derivative suits brought by shareholders alleging a breach of fiduciary duty by officers and directors are also becoming increasingly common for public companies that find themselves the subject of data breaches. However, the Wyndham case, discussed above, shows that plaintiffs may have difficulty succeeding if the board exercises appropriate care and due diligence. In addition to Wyndham, breach of fiduciary duty lawsuits have been brought in connection with the Target and Home Depot data breaches. Conclusion Businesses have long understood that the technical aspects of cybersecurity need the attention of dedicated IT and security professionals.
The same holds true for the legal aspects of cybersecurity. Experienced legal counsel are needed to prepare for and to help prevent data incidents. Experienced counsel are also needed to ensure that any response to a breach not only meets all legal and regulatory requirements, but also best positions the client to weather the perfect storm of litigation, reputational harm, and other business impacts resulting from a breach. The material in this publication was created as of the date set forth above and is based on laws, court decisions, administrative rulings and congressional materials that existed at that time, and should not be construed as legal advice or legal opinions on specific facts.
The information in this publication is not intended to create, and the transmission and receipt of it does not constitute, a lawyer-client relationship. Copyright © 2016 Pepper Hamilton LLP Privacy Policy | Terms & Conditions | Attorney Advertising Contact Us: phinfo@pepperlaw.com or 866.737.7372 | Brand design by Greenfield/Belser Ltd. With PDFmyURL anyone can convert entire websites to PDF! .
People v Citibank, N.A. (Cal Super Ct, Aug. 29, 2013, No.
RG13693591) (unpublished order). Derivative suits brought by shareholders alleging a breach of fiduciary duty by officers and directors are also becoming increasingly common for public companies that find themselves the subject of data breaches. However, the Wyndham case, discussed above, shows that plaintiffs may have difficulty succeeding if the board exercises appropriate care and due diligence. In addition to Wyndham, breach of fiduciary duty lawsuits have been brought in connection with the Target and Home Depot data breaches. Conclusion Businesses have long understood that the technical aspects of cybersecurity need the attention of dedicated IT and security professionals.
The same holds true for the legal aspects of cybersecurity. Experienced legal counsel are needed to prepare for and to help prevent data incidents. Experienced counsel are also needed to ensure that any response to a breach not only meets all legal and regulatory requirements, but also best positions the client to weather the perfect storm of litigation, reputational harm, and other business impacts resulting from a breach. The material in this publication was created as of the date set forth above and is based on laws, court decisions, administrative rulings and congressional materials that existed at that time, and should not be construed as legal advice or legal opinions on specific facts.
The information in this publication is not intended to create, and the transmission and receipt of it does not constitute, a lawyer-client relationship. Copyright © 2016 Pepper Hamilton LLP Privacy Policy | Terms & Conditions | Attorney Advertising Contact Us: phinfo@pepperlaw.com or 866.737.7372 | Brand design by Greenfield/Belser Ltd. With PDFmyURL anyone can convert entire websites to PDF! .
