Judge Says Don't Sweat The Data Leaks

from the thanks-for-looking-out dept

A judge in Minnesota ruled last month that Wells Fargo wasn't negligent in a recent data leak when a contractors' laptop was stolen -- not because they took adequate precautions to prevent the leak, but rather because the thieves never used any of the data. The bank was sued by two customers, whose claim for damages was rejected because they couldn't show they'd actually been harmed, which on one level, makes sense. But to say that Wells Fargo or its contractor wasn't negligent in storing customer data unencrypted on a laptop is a stretch. A court ruled in a similar case earlier in the year (also in US District Court in Minnesota) that a company wasn't liable because it had taken "reasonable" precautions to protect data, which, in the case, included storing unencrypted information on a laptop. So with that standard, and this new ruling that says companies are negligent not when unencrypted information is stolen, but only if it's used, do legal consequences give companies much motivation to actually bother to protect customer information in a meaningful way? Of course not. So basically, if customer information gets stolen by a thief that just wants to hawk the laptop, companies have nothing to worry about -- but why should their negligence be defined by the actions of the thief, and not on the actual theft itself?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Levent, 14 Apr 2006 @ 6:17pm

    They haven't been harmed so far. But what if the data was actually circulated and will cause a harm in the future. How can the future damage is guaranteed by this decision. Do the plaintiffs have a recourse to come back to court again. And why should they have to bear the burden of linking such possible future damage to the actions of WF?

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.