Many contracts between companies and their service providers have broad indemnification provisions. How do those provisions apply in the context of a privacy breach? Today’s post looks at that question—in particular, a recent federal decision called CVS Pharmacy, Inc. v. Press America, Inc. Misdirected Mailings Lead to Major Fee Adjustment […]
One might expect N.C. Gen. Stat. § 75-1.1 to play a big role in data-breach litigation. The statute, after all, offers the prospect of treble damages and attorney fees. But, historically, it hasn’t. Only three decisions—from federal courts in 2009, 2014, and 2017—appear even to have considered 75-1.1 claims in […]
Yesterday’s post examined Sackin v. TransPerfect, Inc., where an employer suffered a data breach involving its employees’ sensitive information. After the employees sued, a federal court in New York refused to dismiss claims based on theories of negligence and breach of contract. Today’s post examines another federal case with similar […]
As we’ve previously discussed, companies are often sued by their customers and business partners after a data breach. Another increasingly common source of data-breach litigation comes from within: companies’ own employees. That’s because almost every business collects social security numbers, bank account information, and other sensitive personal information to […]