Fenwick privacy and cybersecurity counsel Hanley Chew spoke to Law360 about the most notable 2017 legal and policy developments in this practice area, including global cyberattacks, massive data breaches that put the spotlight on company data security practices and several noteworthy court decisions related to privacy plaintiffs’ standing to sue.
Chew spoke about some of the legal ramifications related to Equifax’s data breach that potentially exposed the personal information of 143 million Americans to Law360, noting that the breach changed people's perception of the potential scope of impact. “It was notable not only for the sheer amount of people involved, but also because Equifax is one of the three major credit reporting agencies that provide identity theft prevention services that people generally rely on after a breach and, in this role, holds all this personal information about consumers that could be used as the basis for identity fraud.”
Chew noted that more than a year after the landmark Spokeo v. Robins decision, lower courts continue to take divergent positions. “We're seeing circuits developing certain inclinations about the way to interpret Spokeo, and that's creating two totally different standards and a definite circuit split that will likely work its way up to the Supreme Court.”
He also discussed the escalation of disputes between the government and private sector over access to user data, with the Supreme Court agreeing to hear privacy cases that could clearly delineate the roles of each side.
"One thing we saw the past year and will continue to see in 2018 is the tension between the government and the tech sector in terms of privacy and in terms of notification to subscribers," Chew said.
The full article is available on Law360 (subscription required).