Antitrust and Consumer Protection
Competition: Spring 2015, Vol. 24, No. 1
Content
- California Antitrust and Unfair Competition Law and Federal and State Procedural Law Developments
- Chair's Column
- Editor's Note
- How Viable Is the Prospect of Enforcement of Privacy Rights In the Age of Big Data? An Overview of Trends and Developments In Consumer Privacy Class Actions
- Keynote Address: a Conversation With the Honorable Kathryn Mickle Werdegar, Justice of the California Supreme Court
- Major League Baseball Is Exempt From the Antitrust Laws - Like It or Not: the "Unrealistic," "Inconsistent," and "Illogical" Antitrust Exemption For Baseball That Just Won't Go Away.
- Masthead
- Nowhere To Run, Nowhere To Hide: In the Age of Big Data Is Data Security Possible and Can the Enforcement Agencies and Private Litigation Ensure Your Online Information Remains Safe and Private? a Roundtable
- Restoring Balance In the Test For Exclusionary Conduct
- St. Alphonsus Medical Center-nampa and Ftc V St. Luke's Health System Ltd.: a Panel Discussion On This Big Stakes Trial
- St. Alphonsus Medical Center - Nampa, Inc., Et Al. and Federal Trade Commission, Et Al. V St. Luke's Health System, Ltd., and Saltzer Medical Group, P.a.: a Physicians' Practice Group Merger's Journey Through Salutary Health-related Goals, Irreparable Harm, Self-inflicted Wounds, and the Remedy of Divestiture
- The Baseball Exemption: An Anomaly Whose Time Has Run
- The Continuing Violations Doctrine: Limitation In Name Only, or a Resuscitation of the Clayton Act's Statute of Limitations?
- The Doctor Is In, But Your Medical Information Is Out Trends In California Privacy Cases Relating To Release of Medical Information
- The United States V. Bazaarvoice Merger Trial: a Panel Discussion Including Insights From Trial Counsel
- United States V. Bazaarvoice: the Role of Customer Testimony In Clayton Act Merger Challenges
- The State of Data-breach Litigation and Enforcement: Before the 2013 Mega Breaches and Beyond
THE STATE OF DATA-BREACH LITIGATION AND ENFORCEMENT: BEFORE THE 2013 MEGA BREACHES AND BEYOND
By Evan M. Wooten1
Over the past year, data breach and security have come to dominate the privacy law landscape. High-profile breaches at numerous retailers leading into the 2013 holiday season brought widespread awareness to risks that businesses have been navigating for the better part of a decade, if not longer. Consumers awoke to the reality that electronic systems are under constant threat of intrusion from malware, hackers, and foreign states. Lawmakers reacted to consumer alarm and unrest with calls for accountability and reform. Industry groups, governmental entities, and information-sharing systems representing public and private bodies increased efforts to identify threats and enhance security. And, of course, litigation ensued.
After a brief overview, this article will explore (i) traditional data-breach litigation and public enforcement efforts; (ii) the state and federal response to recent high-profile breaches; and (iii) significant developments in case law and enforcement since the 2013 mega breaches. The 2014 holiday season brought more high profile breaches, bringing the issue back into focus and ensuring additional litigation. Data-breach lawsuits are nothing new, but there can be no question that the data-security landscape is changing. The question is, will changes in public perception and awareness auger different results in litigation and enforcement? Thus far, the answer has been mostly ‘no,’ but several developments warrant attention and bear watching in the future. Practitioners will want to familiarize themselves with existing law and keep close tabs on evolving issues.