The Business Law Journal is proud to present:
Corporate Data Breaches: What Companies Can Learn from Recent High Profile Attacks
Friday, November 6, 2015
12:00 p.m. to 5:00 p.m.
King Hall, Kalmanovitz Appellate Courtroom
The increasing number of major corporate data breaches has created new challenges in terms of safeguarding private customer and company information. The public, the government, and the law are beginning to respond and attorneys will need to incorporate public concern, new governmental regulations, and recent and upcoming judicial opinions into their practices. The responses to recent high-profile breaches as well as official submission to the United States Supreme Court of Spokeo, Inc. v. Robins’ , the case that granted plaintiff Thomas Robins standing under the Fair Credit Reporting Act with only a speculative injury, represents a turning-point in corporate data management. Although the exact outcome is uncertain, experts in corporate law, professors on security law, and public-policy creators will discuss where they believe the field is headed and what is likely to have the greatest impact.
Corporations Post Data-Breaches
Once a major corporation has been breached, there are many challenges facing corporations and the attorneys representing them, the threat of class action lawsuits being chief among them. Historically, circuit court decisions have been split in their analysis and application of federal law regarding mass breaches, leaving many companies fearing that their outcome will be jurisdiction specific. This panel will discuss the application of federal law for issues such as standing, damages, and legislative intent, citing examples like Remijas v. Neiman Marcus Group, LLC; In re Adobe Sys., Inc. Privacy Litig.; Reilly v. Ceridian Corp.; and Moyer v. Michaels Stores, Inc..
Financial Repercussions of Data Hacks: Public Relations, Damages, and New Regulation
With each major attack, impacted corporations have taken a major hit in their respective stock prices, public reputation, and litigation costs. This panel will discuss the practical financial implications of major data breaches, the strategies implemented by companies to ameliorate public opinion, and how new practices or laws will impact their finances in term of heightened security or calculations of damages (see e.g. Curry v. AvMed, Inc. and Target’s estimated accrual of $252 million dollars in assorted data breach costs http://www.nytimes.com/2015/03/20/business/target-settlement-on-data-breach.html?_r=0).
Social and Ethical Impacts of Corporate Data Breaches
With data breaches impacting heath insurance companies, high-volume retailers, wireless carriers, websites, and a host of other professional organizations and business, millions of consumers are directly impacted by these attacks. Once private data has been accessed, concerns arise regarding financial security, preservation of identity, and public fear. Additionally, there are logistical concerns about how soon a company is required to notify customers, in what form the notice should be, how much information a company is required to disperse, and what steps a company should reasonably be expected to take to limit current data loss and prevent future data loss. This panel will discuss the social and ethical implications of major data breaches and the impact on individuals and the public.
 In the Ninth Circuit Court of Appeals, set to be argued on November 2, 2015.