Data Privacy

Over the last several years, there has been a monumental shift in how regulators, companies and consumers think about data privacy and security. Companies face an untenable and growing number of state privacy, cybersecurity and data breach laws that offer significant enforcement authority to federal and state regulators while opening the door for opportunistic plaintiffs’ lawyers to seek large settlements, even when there is no apparent harmRead More...

State privacy laws impose different (and sometimes contradictory) standards, including what types of notice and consent are required for what types of information, and when and how victims of data breaches must notify their customers. Customers may also not be required to demonstrate monetary or property losses in order to seek damages for an alleged violation. Even a technical violation of certain laws could be grounds for a private action.

A standard federal data privacy law would provide much-needed certainty for businesses and protect them from abusive and overlapping enforcement. The Federal Trade Commission should be the sole authority of data privacy enforcement, and should work to prevent and punish behavior that actually harms consumers. Finally, a federally enforced privacy framework should not create a private right of action, which would only add to the tremendous lawsuit cost Americans already pay, while enriching lawyers and providing very little value for consumers.

Emerging technologies also suffer from outdated or poorly-conceived laws and regulations. This leaves the door open for plaintiffs’ lawyers attempting to create regulation through litigation, bogging down the economy with lawsuits. Instead, lawmakers and regulators should implement rational policy changes that strike the right balance between innovation and consumer protection, so that we have a legal environment that supports—not stifles—the creative potential of the American economy.

01/01/2019

Suggested Resources

Research
  • Ill-Suited: Private Rights of Action and Privacy Claims

    Ill-Suited: Private Rights of Action and Privacy Claims

    July 11, 2019

    Private rights of action (PRAs) are highly problematic: the plaintiffs' bar benefits significantly from America's lawsuit system, while consumers are left with little. PRAs are especially poor tools for addressing privacy issues, which are better left to regulators with relevant expertise and perspective to shape and balance penalties, deterrence, innovation, and consumer protection. Read More

  • Torts of the Future: Addressing the Liability and Regulatory Implications of Emerging Technologies

    Torts of the Future: Addressing the Liability and Regulatory Implications of Emerging Technologies

    March 29, 2017

    Torts of the Future examines the emerging technology sectors of autonomous vehicles, commercial drones, private space exploration, the "sharing economy," and the Internet of Things, and assesses the existing regulatory and litigation environments and future liability trends for each. The paper also draws from experience in each area to present guiding principles for addressing the liability and regulatory implications of emerging technologies. Read More

All Results for Data Privacy

  1. In the News today - August 27, 2019

    August 27, 2019 | News

    Ninth Circuit BIPA Ruling Creates "Staggering" Potential Exposure for Companies... Read More

  2. Biometric Privacy Question Likely Headed To Supreme Court, Lawyer Says

    August 14, 2019 | News

    Questions surrounding the viability of biometric data privacy class action lawsuits are likely headed to the U.S. Supreme Court, a lawyer told the Cook County Record. ... Read More

  3. Ninth Circ. Decision "Likely To Make It Easier" To Bring Biometric Lawsuits

    August 13, 2019 | News

    According to Law360, a recent decision by the Ninth Circuit is "likely to make it easier for plaintiffs to prop up" biometric information privacy class actions around the country. ... Read More

  4. Private Rights of Action - Shifting Gears in Privacy Enforcement

    August 06, 2019 | Blogs

    A private right of action is essentially a license to sue. It's usually a statutory grant of authority that gives private lawyers the green light to enforce privacy laws through litigation. But when plaintiffs' lawyers-not government agencies-are allowed to write and enforce the rules of the road, it can lead to mixed signals. ... Read More

  5. In the News Today - August 1, 2019

    August 01, 2019 | News

    FTC Says Not Everyone Will Get Paid Though Equifax Settlement... Read More

  6. ILR COO: Plaintiffs' Lawyers Use Private Rights of Action For "Own Financial Gain"

    July 22, 2019 | News

    U.S. Chamber Institute for Legal Reform (ILR) Chief Operating Officer Harold Kim said plaintiffs' lawyers are the only "group that benefits from private lawsuits."... Read More

  7. In the News Today - July 17, 2019

    July 17, 2019 | News

    EU Data Privacy Fines Are Getting Steep. Will This Be the New Normal?... Read More

  8. New ILR Research Finds Private Rights Of Action Are "Inefficient and Ineffective"

    July 15, 2019 | News

    A new research paper released by the U.S. Chamber Institute for Legal Reform (ILR) found that "private rights of action are inefficient and ineffective," particularly when used to address data privacy concerns.... Read More

  9. New Study: Lawsuits Are Poor Tools for Protecting Privacy

    July 15, 2019 | Press Release

    A new study released by the U.S. Chamber Institute for Legal Reform (ILR) shows what happens when plaintiffs' lawyers are given the green light to enforce privacy laws through private rights of action: clogged courts, less innovation and no real benefit to consumers. ... Read More

  10. Data Done Right Video

    July 11, 2019 | Video | Watch