1

The US White House has just release the subject blog post link here which suggests adoption of this proposed new cyber insurance might be rewarded by liability limitations including "reduced tort liability, limited indemnity, higher burdens of proof, or the creation of a Federal legal privilege that preempts State disclosure requirements."

My question is can someone point to cases of such liability and resulting fines etc. in recent history? My sense is there is little happening in this space thus that incentive will be minor. I might well be very wrong which would be important to know relative to this possible game changer in 2014.

zedman9991
  • 3,377
  • 15
  • 22
  • 3
    Why don't you ask a good lawyer? Even a bad one will tap Lexis-Nexis and get a few ideas... – Deer Hunter Aug 08 '13 at 21:04
  • 2
    How about a counter-example? PCI DSS compliance. Every company that's been breached was audited and found to be in compliance prior to the breach, yet they were still fully liable for damages to their customers. The expensive audits provided no legal protection. This just looks like another expensive boondoggle. – John Deters Aug 27 '13 at 18:29
  • John Deters understood but I have been looking at liability for some time and when the bank gets accounts ripped off the account holder is liable not the custodian etc. Good counter-example... – zedman9991 Aug 27 '13 at 18:50
  • @zedman9991 in my country the customer is liable if internet banking access is gained, but the bank is liable if the credit card number is stolen (because banks are supposed to detect stolen credit cards and prevent any fraudulent charges from taking place) – Abhi Beckert Aug 29 '13 at 03:29
  • "a Federal legal privilege that preempts State disclosure requirements." Civil War 2? East versus West – this.josh Aug 29 '13 at 06:56

1 Answers1

2

After Sony's PSN network was hacked, there were many class action lawsuits filed against them all around the world. Some were dismissed by the judge, while others reached an expensive settlement.

For example, this was the result of just one of the many lawsuits:

Settlement approved in Canadian cyber attack suit

  • Class Members who had a credit balance in their PSN or SOE account at the time of the Intrusions but have not used any of their accounts shall receive cash payments for credit balances.
  • The Sony Entities will make available online game and service benefits to class members geared principally to the type of account (PSN, Qriocity, and/or SOE) held by the class member at the time of the Intrusions.
  • The settlement benefits are available through a simple process. To become entitled to benefits, Class Members need only to complete a claim form.
  • The Sony Entities will reimburse any Class Members who can demonstrate that they suffered Actual Identity Theft, as defined in the Settlement Agreement. Class Members that prove Identity Theft can submit claims for reimbursement of out-of-pocket payments (not otherwise reimbursed) for expenses that are incurred as a direct result of the Actual Identity Theft, up to a maximum of $2,500.00 per claim.
  • The Sony Entities are to pay for the costs associated with providing notice of the Settlement Agreement and the settlement approval hearing, all administration costs, as well as an agreed amount for plaintiffs’ lawyers’ fees and expenses ($265,000).
Abhi Beckert
  • 703
  • 1
  • 6
  • 11
  • This question relates to legal relief the US White House can provide as an incentive to motivate US actors. – zedman9991 Aug 29 '13 at 16:17