Should The SEC Allow For A SOX-Less Market? >>
<< Major League Baseball Deletes Popular MySpace...
 tdicon 

Legal Issues

by Mike Masnick

Fri, Aug 24th 2007 2:07pm


Filed Under:
data leaks, liability

Companies:
old national bancorp


No Harm, No Foul In Yet Another Data Leak Case

from the yet-again dept

Over the last few years we've been hearing story after story after story about data leaks. These kinds of leaks didn't just start happening, but we're finally hearing about them because of new laws that require disclosure. One of the big problems is that there's very little risk to companies if they leak someone's data. They issue an apology, agree to pay for one year of credit monitoring and go back to storing data in easily leaked ways. Not surprisingly, many of the folks whose data was put at risk don't feel that's adequate and have tried to sue over the matter, but in a decision that mimics earlier decisions the 7th U.S. Circuit Court of Appeals has said that those suing Old National Bancorp have no right to sue, because nothing was actually done with the leaked data. In other words, since they weren't directly harmed, they don't have standing to sue. You can understand the legal reasoning here, but it still makes you question why simply leaking data shouldn't be considered negligence on the part of these companies, even if the data wasn't later used for criminal purposes?
8 Comments | Leave a Comment
Get a free 1-year subscription to the Techdirt Crystal Ball when you sign up for VPN service from Private Internet Access.

If you liked this post, you may also be interested in...

Reader Comments (rss)

(Flattened / Threaded)

  1. identicon
    Matt Bennett, Aug 24th, 2007 @ 2:11pm

    Well, it's kinda like driving drunk PAST someones kid. You can't be sued, cuz you didn't hit the kid. You could be arrested for drunk driving, though, if y'know, there was a law against that. But there's not.

    reply to this | link to this | view in thread ]

  2. identicon
    Overcast, Aug 24th, 2007 @ 2:33pm

    A key word here could very well be, "Yet...."

    reply to this | link to this | view in thread ]

  3. identicon
    Anonymous Coward, Aug 24th, 2007 @ 3:10pm

    "the 7th U.S. Circuit Court of Appeals has said that those suing Old National Bancorp have no right to sue, because nothing was actually done with the leaked data."

    That's BS. It's personal information given to a company with the promise that it will be kept private. It seems that the Old National Bancorp has probably made some hefty political 'donations' recently.

    reply to this | link to this | view in thread ]

  4. identicon
    Ronnie Moore, Aug 24th, 2007 @ 3:56pm

    plain sense

    Even if said data is not used these companys are setting themselves up for a major lawsuilt if a number of people's data is used for illegal purpsice. It would simply be eaiser and cheaper to close the barn door before the horse gets out.

    reply to this | link to this | view in thread ]

  5. identicon
    Anonymous Coward, Aug 24th, 2007 @ 5:34pm

    One required element for suing for negligence is injury/damage. As the above poster wisely put it, I can't sue because I was "Almost" hit by the drunk driver. However, an interesting thread to follow will be if some of the information is eventually used, when will the statute of limitations start? upon the breach or the actual harm?

    Has anyone ever discussed copyrighting their personal information, and only "licensing" it to the banks and credit card companies? then upon breach, suing under the DMCA?

    reply to this | link to this | view in thread ]

  6. identicon
    Anonymous Coward, Aug 24th, 2007 @ 7:38pm

    hearing about them because of new laws

    I hate to say it but we need more laws to make these breaches illegal in themselves, and enforcing serious punishment for corporate officers.

    Why corporate officers? Because they are responsible for running the company. They sure take credit when profits are made.

    reply to this | link to this | view in thread ]

  7. identicon
    barren waste, Aug 25th, 2007 @ 6:39am

    hmmm

    At the very least it sounds like breach of contract to me. The bank promised to keep the information confidential and then failed to deliver on that promise. Maybe we should all overdraw accounts there, promise to pay it back, then fail to do so. Thats fair isn't it?

    reply to this | link to this | view in thread ]

  8. identicon
    Clueby4, Aug 27th, 2007 @ 3:07pm

    Lets use this logic on Civil Copy Right Infringeme

    Let them use that logic on civil copyright infringement cases.

    The real problem is that there are not real criminal penalties for privacy breaches. Which there should be, since it might force some companies, with dubious justifications, not to require and/or retain personal information.

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Should The SEC Allow For A SOX-Less Market? >>
<< Major League Baseball Deletes Popular MySpace...
 tdicon 
Follow Techdirt
Super-Early Holiday Gear Sale

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories

Friday

19:39 'When Is A Chair Just A Chair?' And Other Annoying Copyright Questions (2)
15:54 Judge Says No Way To Attorneys General Looking To Block IANA Transition (10)
14:28 Government Agencies Apparently Not Interested In Following Congressional Directives On Overclassification (3)
12:55 Border Patrol Agent Caught Watching Porn On The Job Blames The Internet Filter For Not Stopping Him (13)
11:38 Facebook Video Metrics Crossed The Line From Merely Dubious To Just Plain Wrong (3)
10:37 CIA Took Three Years To Reject FOIA Request For Criteria For Rejecting FOIA Requests (10)
10:30 Daily Deal: The Ultimate Software Testing Bundle (0)
09:39 Intel Community To Institute Actual Whistleblower Award For 'Speaking Truth To Power' (31)
08:33 U.S. Court Of Appeals Upholds Ruling That New Hampshire's Silly Ballot Selfie Ban Violated The First Amendment (25)
06:30 A Massive Cable Industry Disinformation Effort Just Crushed The FCC's Plan For Cable Box Competition (35)
More arrow
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.