Derek Bambauer writes:
It’s the most wonderful time of the year… for data breaches.Target may have compromised as many as 40 million credit and debit cards used by shoppers in their stores. What liability will they face?
At George Mason’s excellent workshop on cybersecurity, there was a spirited debate over the mechanisms of enforcing security standards. (This in large measure derives from Woody Hartzog and Dan Solove’s excellent paper on the FTC’s enforcement work, which they analogize to the development of the common law in tort, among other areas.) Those who criticize the FTC prefer, generally, the use of tort to regulate cybersecurity. And, their critique often accuses the FTC of neglecting to consider the offsetting consumer benefits of failing to invest in cybersecurity (15 USC 45(n)). I think those arguments are profoundly misguided. Here’s why:
Read more on Info/Law.