Lisa A. Carroll, Martin B. Robins, David G. Kern and James M. Fisher II of Fisher Broyles write:
A recent 11th Circuit case may – if followed elsewhere and not reversed by the US Supreme Court – reduce a company’s potential exposure under conventional contract language requiring sensitive materials to be held in confidence. Many companies have been concerned that such language would make them liable if they were the victim of a third-party data breach as opposed to an intentional disclosure by one of their employees or contractors.
[…]
In Silverpop v. Leading Market Technologies, 2016 U.S. App. LEXIS 196, the US Court of Appeals for the Eleventh Circuit held that losses associated with a data breach “are best characterized as consequential” and recovery on a contract claim should be barred when the contract contains a prohibition the award of consequential damages. The Court further found that negligence claims for such data breaches would be barred due to the lack of an applicable standard of care, as well as by the economic loss rule. Thus, absent proof of negligence or specific contractual language that is on-point, a data breach of itself does not constitute a breach of the obligation to take reasonable measures to safeguard confidential material under a confidentiality provision.
Read more on Lexology while I go pour some more coffee and try to find someone to translate this into non-legalese for me.
The Court further found that negligence claims for such data breaches would be barred due to the lack of an applicable standard of care, as well as by the economic loss rule. Where is this information?
I’m not sure I understand your question. What information are you asking about? The information that they say doesn’t exist or are you asking something else?
Its a poorly wriiten original post.
It seems to be wrapped around more than one issue.
The way I read it is simple. Its main focus seems to be on insurance claims. The focus seems to be on “consequentia” damages.
Looks like there would be no reward for normal losses, since breaches are considered “consequential” and if this “consequentia coverage” was not offered, or opted out, the company was not covered.
Furthermore, it looks like NO coverage is provided if the company or entity is found negligent, due to the lack of an applicable standard of care, as well as by the economic loss rule.
The sentence ” Thus, absent proof of negligence or specific contractual language that is on-point, a data breach of itself does not constitute a breach of the obligation to take reasonable measures to safeguard confidential material under a confidentiality provision. ”
Is Rubbish. It talks in circles. Maybe if one Hits the hard stuff as they might have when they wrote that, one too can understand the twisted intent.
It’s written for lawyers and their clients, and I think it’s actually raising an important point, because I have seen lawsuits attempt to claim breach of confidentiality clause due to a data breach. Could it have been written more clearly for a general public? Sure, but that’s not their target audience.