Michael Breslin, Christian Henel, Jon Neiditz, and Gunjan Talati of Kilpatrick Townsend & Stockton LLP write:
The United States District Court for the District of Columbia recently endorsed private citizens bringing data breach claims directly against a government contractor where the contractor failed adequately to safeguard the citizens’ personal information. In McDowell v. CGI Federal Inc., No. 15-1157, 2017 WL 2392423 (D.D.C. June 1, 2017), the district court ruled a private party can survive a contractor’s motion to dismiss by claiming to be an “intended beneficiary” of terms commonly found in government contracts involving the storage or transmission of sensitive consumer information. This ruling potentially expands class action liability exposure for government contractors who receive consumers’ personal information during the course of performing government contracts.
Read more on JDSupra.