Data Privacy

Over the last several years, there has been a monumental shift in how regulators, companies and consumers think about data privacy and security. Companies face an untenable and growing number of state privacy, cybersecurity and data breach laws that offer significant enforcement authority to federal and state regulators while opening the door for opportunistic plaintiffs’ lawyers to seek large settlements, even when there is no apparent harmRead More...

State privacy laws impose different (and sometimes contradictory) standards, including what types of notice and consent are required for what types of information, and when and how victims of data breaches must notify their customers. Customers may also not be required to demonstrate monetary or property losses in order to seek damages for an alleged violation. Even a technical violation of certain laws could be grounds for a private action.

A standard federal data privacy law would provide much-needed certainty for businesses and protect them from abusive and overlapping enforcement. The Federal Trade Commission should be the sole authority of data privacy enforcement, and should work to prevent and punish behavior that actually harms consumers. Finally, a federally enforced privacy framework should not create a private right of action, which would only add to the tremendous lawsuit cost Americans already pay, while enriching lawyers and providing very little value for consumers.

Emerging technologies also suffer from outdated or poorly-conceived laws and regulations. This leaves the door open for plaintiffs’ lawyers attempting to create regulation through litigation, bogging down the economy with lawsuits. Instead, lawmakers and regulators should implement rational policy changes that strike the right balance between innovation and consumer protection, so that we have a legal environment that supports—not stifles—the creative potential of the American economy.


Suggested Resources

  • ILR Briefly COVID-19 Series: Liability Overview

    ILR Briefly COVID-19 Series: Liability Overview

    April 23, 2020

    As Americans and businesses of all sizes are working together to get through the COVID-19 health crisis, plaintiffs' lawyers have already begun filing COVID-19-related lawsuits. Limiting litigation abuse is essential to making available the tools and resources needed to combat the virus, and ultimately to spurring economic recovery once the immediate health crisis has been resolved. This edition of ILR Briefly explores the current and anticipated types of litigation coming out of the COVID-19 pandemic. Read More

  • Mapping a Privacy Path: Liability and Enforcement Recommendations for States

    Mapping a Privacy Path: Liability and Enforcement Recommendations for States

    December 12, 2019

    When it comes to data privacy, the only way to effectively protect consumers' personal information while providing certainty and clarity to businesses is to create a single, preemptive, federal data privacy standard. However, until and unless Congress can provide such a standard, state lawmakers are obliged to step in and create state-level protections. Recognizing this reality, ILR's research offers state legislators a guide to limit unintended consequences of state privacy and security laws by preventing unnecessary litigation. Read More

All Results for Data Privacy

  1. In the News Today - October 3, 2017

    October 03, 2017 | News

    Biz Groups Push FTC To Avoid 'Theoretical' Privacy Harms; California small businesses are vulnerable to mass-produced litigation... Read More

  2. In the News Today - September 13, 2017

    September 13, 2017 | News and Blog

    Litigation Risk Ebbs Even As Data Hacks Rise, Report Says: Law firm Bryan Cave released a report on data breach litigation, which found that data breach class actions went up by seven percent in 2016 over 2015, though the number of breaches that attracted litigation went down. ... Read More

  3. Inconsistent Data Breach Rulings Raises Chances of SCOTUS Consideration

    August 17, 2017 | News and Blog

    Circuit courts appear to be split on whether the fear of damage from a potential data breach gives plaintiffs standing to bring a putative class action lawsuit. Experts say this raises the chances the U.S. Supreme Court would consider the issue, writes Business Insurance.... Read More

  4. In the News Today - May 10, 2017

    May 10, 2017 | News and Blog

    The American Bar Association called on Congress to pursue national data protection standards for companies that handle consumers' financial data. "It's time to get serious about building a security infrastructure that brings banks, payment networks and retailers together," ABA said. "It's time to pass a strong, consistent national standard for fighting data breaches."... Read More

  5. The ILR Research Review - Spring 2017

    May 08, 2017 | Research

    This edition of the ILR Research Review offers valuable insights from ILR's recent research on the latest trends in litigation and the tactics and strategies entrepreneurial plaintiffs' firms are using to expand their business models and bring more lawsuits in local, state, federal, and international courts.... Read More

  6. In the News Today - April 21, 2017

    April 21, 2017 | News and Blog

    Trevor McFadden, Acting Principal Deputy Assistant Attorney General for the Department of Justice Criminal Division, said that prosecutors are "committed to wrapping up old Foreign Corrupt Practices Act cases and investigating new ones more quickly." ... Read More

  7. Engineered Liability: The Plaintiffs' Bar's Campaign to Expand Data Privacy and Security Litigation

    April 19, 2017 | Research

    As data breaches are becoming more commonplace, the plaintiffs' bar is engineer a staggering expansion of liability in the areas of privacy and data security. Class action lawyers are pursuing data privacy cases and amassing fortunes even where no one has been harmed. This paper examines the data privacy and security legal landscape, plaintiffs' bar tactics, major cases and settlements, and a suggested framework for reform.... Read More

  8. Torts of the Future: Addressing the Liability and Regulatory Implications of Emerging Technologies

    March 29, 2017 | Research

    Torts of the Future examines the emerging technology sectors of autonomous vehicles, commercial drones, private space exploration, the "sharing economy," and the Internet of Things, and assesses the existing regulatory and litigation environments and future liability trends for each. The paper also draws from experience in each area to present guiding principles for addressing the liability and regulatory implications of emerging technologies.... Read More

  9. Data Breaches Soar to Record Levels in New York

    March 23, 2017 | News and Blog

    New York businesses disclosed nearly 1,300 incidents of data security breaches in 2016 that compromised 1.6 million residents, writes Law360.... Read More

  10. In the News Today - March 16, 2017

    March 16, 2017 | News and Blog

    U.S. courts approved the highest number of securities class action settlements since 2010. Continuing the growth observed in the prior year, there were 85 approved settlements in 2016, five more than in 2015. Both years are a substantial increase over the annual numbers from 2011 through 2014. Additionally, the $6 billion of approved settlements in 2016 was nearly double the total settlement value in 2015.... Read More