Cybersecurity, Privacy, & AI

Trending Now
Agriculture Department Kicks Off $300M Palantir Deal on IT, National Security Work • Vercel Attack Fallout Expands to More Customers and Third-Party Systems • Seeing the Cyber in Economic Statecraft • Responding to a Data Breach: How to Preserve the Attorney-Client Privilege • NIST Cyber Center to Launch OT ‘Visibility’ Project
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on May 15, 2018 Cyber

Ninth Circuit’s Zappos Decision is Cautionary Tale for Corporate Victims of Cyberattacks

The U.S. Court of Appeals for the Ninth Circuit reversed a lower court’s dismissal of a consumer data-breach class action against online retailer Zappos.com, a victim of a cybersecurity breach, in part because Zappos recommended after the breach that its customers whose personal information was compromised change their passwords.

According to the Ninth Circuit, Zappos’ recommendation was effectively an admission that its customers faced a risk of fraud from the breach that was sufficient to give them standing to sue under Article III of the U.S. Constitution. The Zappos decision highlights a growing split among courts of appeals as to whether a corporate cybersecurity-breach victim’s efforts to assist its customers in the wake of the breach should weigh in favor of those customers’ standing to sue.

More at Ropes & Gray

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–SaturdaySubscribe here.

© PubKGroup 2024