Data Privacy

Over the last several years, there has been a monumental shift in how regulators, companies and consumers think about data privacy and security. Companies face an untenable and growing number of state privacy, cybersecurity and data breach laws that offer significant enforcement authority to federal and state regulators while opening the door for opportunistic plaintiffs’ lawyers to seek large settlements, even when there is no apparent harmRead More...

State privacy laws impose different (and sometimes contradictory) standards, including what types of notice and consent are required for what types of information, and when and how victims of data breaches must notify their customers. Customers may also not be required to demonstrate monetary or property losses in order to seek damages for an alleged violation. Even a technical violation of certain laws could be grounds for a private action.

A standard federal data privacy law would provide much-needed certainty for businesses and protect them from abusive and overlapping enforcement. The Federal Trade Commission should be the sole authority of data privacy enforcement, and should work to prevent and punish behavior that actually harms consumers. Finally, a federally enforced privacy framework should not create a private right of action, which would only add to the tremendous lawsuit cost Americans already pay, while enriching lawyers and providing very little value for consumers.

Emerging technologies also suffer from outdated or poorly-conceived laws and regulations. This leaves the door open for plaintiffs’ lawyers attempting to create regulation through litigation, bogging down the economy with lawsuits. Instead, lawmakers and regulators should implement rational policy changes that strike the right balance between innovation and consumer protection, so that we have a legal environment that supports—not stifles—the creative potential of the American economy.


Suggested Resources

  • Ill-Suited: Private Rights of Action and Privacy Claims

    Ill-Suited: Private Rights of Action and Privacy Claims

    July 11, 2019

    Private rights of action (PRAs) are highly problematic: the plaintiffs' bar benefits significantly from America's lawsuit system, while consumers are left with little. PRAs are especially poor tools for addressing privacy issues, which are better left to regulators with relevant expertise and perspective to shape and balance penalties, deterrence, innovation, and consumer protection. Read More

  • Torts of the Future: Addressing the Liability and Regulatory Implications of Emerging Technologies

    Torts of the Future: Addressing the Liability and Regulatory Implications of Emerging Technologies

    March 29, 2017

    Torts of the Future examines the emerging technology sectors of autonomous vehicles, commercial drones, private space exploration, the "sharing economy," and the Internet of Things, and assesses the existing regulatory and litigation environments and future liability trends for each. The paper also draws from experience in each area to present guiding principles for addressing the liability and regulatory implications of emerging technologies. Read More

All Results for Data Privacy

  1. In the News Today - December 6, 2019

    December 06, 2019 | News

    Biometric Data Law Can Cause Litigation "Explosion," Florida Chamber Warns... Read More

  2. In the News Today - December 4, 2019

    December 04, 2019 | News

    "Financial Cos. Face A New Normal Under State Privacy Laws"... Read More

  3. California Data Law Filled With "Subjective" Language, Advocates Say

    December 04, 2019 | News

    Business advocates said the California Consumer Privacy Act contains "subjective" language at a meeting with state government officials, reports.... Read More

  4. Illinois Biometric Privacy Law Has Become "Serious Concern"

    November 21, 2019 | News

    Kevin LaCroix, the author of the D&O Diary blog, says the Illinois Biometric Information Privacy Act (BIPA) has "become a much more serious concern" over the past year.... Read More

  5. In the News Today - November 18, 2019

    November 18, 2019 | News

    "The Coming Storm Of Biometric Privacy Laws: How To Comply;" Oklahoma Judge Says Opioid Verdict Must Only Cover One Year, Not 30... Read More

  6. "The Coming Storm Of Biometric Privacy Laws"

    November 15, 2019 | News

    Two defense attorneys run through the changing landscape of biometric privacy laws and how they can affect the legal system in a new Law360 expert analysis piece.... Read More

  7. Consumers and Businesses "Will Pay a Price" For State-by-State Data Regulations

    October 15, 2019 | News

    A patchwork of state data privacy laws give consumers a "false sense of security" and force businesses to "pay a steep price," the president of the Internet Association said in a New York Times op-ed.... Read More

  8. In the News Today - September 25, 2019

    September 25, 2019 | News

    European Court of Justice Limits Scope of Data Laws... Read More

  9. ILR Research Review, Volume 6, Issue 2

    September 10, 2019 | Research

    This edition of the ILR Research Review covers four developments that represent a cross-section of the litigation challenges facing the American business community today, including: municipality lawsuits against energy producers; the unsuitability of private rights of action for protecting privacy; the enduring value of arbitration; and the urgent need to ensure fairness for defendants in multidistrict litigation proceedings.... Read More

  10. In the News Today - September 6, 2019

    September 06, 2019 | News

    Chicago Engaging in "Naked Gamesmanship," Uber Says... Read More