In the immediate aftermath of the Delaware Supreme Court’s 2019 decision in Marchand v. Barnhill, which revitalized so-called Caremark claims for breach of the duty of oversight, one question I was asked was whether claimants might seek to assert breach of the duty of oversight claims in the context of cybersecurity and data privacy issues. Claimants did, in fact, subsequently raise Caremark claims in connection with the high-profile date breaches at Marriott and SolarWinds, but in each case, the Delaware Chancery Court granted the defendants’ motions to dismiss (as discussed here and here, respectively), raising questions about the viability of duty of oversight claims in the cybersecurity context.

Notwithstanding the less than promising track record for these kinds of claims, in a recent article, NYU Law Professor Jennifer Arlen argues that cybersecurity-related claims for breach of the duty of oversight should support Caremark liability in at least one class of cases – that is, cases relating to companies for whom cybersecurity is a “mission critical legal risk” and in which it is alleged that the company had inadequate cybersecurity that risked (and later caused) substantial harm to businesses and government agency customers, and that the company had misled the customers through statements that were designed to defraud the customers into believing that the company’s cybersecurity systems were materially better than they were. Professor Arlen’s March 18, 2025, post on the Harvard Law School Forum on Corporate Governance about Caremark claims in the cybersecurity context can be found here.Continue Reading Cybersecurity and the Duty of Oversight

The FDIC as receiver of the failed Silicon Valley Bank has filed a negligence and breach of fiduciary duty action against the bank’s former directors and officers. The complaint alleges that it the FDIC’s lawsuit is “a case of egregious mismanagement of interest-rate and liquidity risks by the Bank’s former officers and directors.” The complaint seeks to recover the “billions of dollars in damages caused by the negligence, gross negligence, and breaches of fiduciary duty.” A copy of the FDIC’s complaint can be found here.Continue Reading FDIC Files Liability Action Against Former SVB Executives

In a ruling last week, Delaware Vice Chancellor Travis Laster denied motions to dismiss in the shareholder derivative suit against Facebook executives for failing over the course of several years to protect users’ data privacy. The alleged privacy violations to which the lawsuit relates were the subject of a massive $5 billion penalty that Facebook agreed to pay to the FTC to settle charges that the company had violated a 2012 consent order relating to protecting users’ privacy. As discussed in a May 10, 2023, Law360 article (here), Vice Chancellor Laster made his ruling from the bench in a telephonic hearing. Vice Chancellor Laster’s ruling is also discussed in a May 10, 2023, Associated Press article (here). As discussed below, Vice Chancellor Laster’s ruling underscores the extent to which privacy-related issues represent an area of significant corporate liability exposure.Continue Reading Court Denies Dismissal Motion in Facebook User Data Privacy Derivative Suit

Jonathan Meer

In the following guest post, Jonathan Meer answers the question of how the crypto asset meltdown has translated in to D&O claims. Jonathan is a Partner in the Wilson Elser law firm’s New York office. I would like to thank Jonathan for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to the blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Jonathan’s article.Continue Reading Guest Post: The Midas Curse? How Cryptocurrency Has Impacted Directors and Officers

Over the last few years, I have posted numerous items citing examples were sexual misconduct allegations or a hostile workplace environment have led to D&O claims. Many of these kinds of suits followed in the wake of the #MeToo movement. The fact that these kinds of allegations can lead to D&O claims is well understood in the D&O insurance industry. However, I know from recent conversations that some in the industry believe that the risk of these kinds of D&O claims has diminished as the #MeToo movement has evolved. However, recent events at the gaming company Activision Blizzard shows that unfortunately the kinds of underlying allegations that have led to claims are not a thing of the past; as discussed below, Activision Blizzard has now been hit with a securities suit based on underlying sexual misconduct and discrimination allegations.
Continue Reading Sexual Discrimination and Harassment Allegations Lead to Securities Suit

Sarah M. Abrams, Esq.

An important corporate governance topic – but a subject that I frankly have not addressed frequently this site – is the topic of executive compensation. In the following guest post,  Sarah Abrams, Director, Management Liability Claims at Markel, examines the recent rise in D&O litigation involving executive compensation. I would like to thank Sarah for allowing me to publish her article on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Sarah’s article.
Continue Reading Guest Post: As Equity Markets Surge, Carriers Need to Examine D&O Governance Exposure

In prior posts on this site, I have identified privacy-related issues as a potentially important source of future D&O claims. In making these projections, one thing I had in mind was the possibility of claims as a result of the enforcement of the EU’s General Data Protection Regulation, which went into effect in May 2018. There have in fact already been GDPR-related securities class action lawsuits filed in the U.S., including the securities suit filed in August 2018 against U.K.-incorporated media tracking company Nielsen Holdings. In a January 4, 2021 opinion, Southern District of New York Judge Jesse Freeman granted in part and denied in part the defendants’ motion to dismiss the Nielsen Holdings lawsuit. Of significance to the questions concerning privacy-related claims, the plaintiff’s allegations concerning defendants’ statements after GDPR went into effect about the GDPR’s impact on the company survived the dismissal motion. A copy of Judge Furman’s opinion can be found here.
Continue Reading GDPR-Related Securities Suit Against Nielsen Holdings in Part Survives Dismissal Motion

In the following guest post, Umesh Pratapa takes a look at directors’ liability issues under Indian law, and also examines the protections that are available for directors as well. Umesh is a Consultant – Liability Insurance, in India. Umesh’s article was originally published in the July 2020 issue of “Director Today”, a monthly journal of the Institute of Directors (IOD), India. Reproduced with the kind permission of the publisher, Institute of Directors, India. I would like to thank Umesh for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this site’s readers. Please contact me directly if you would like to submit a guest post. Here is Umesh’s article.
Continue Reading Guest Post: Director’s Liabilities: Prevention and Protection – Ports of Call for Relief

Francis Kean

As long time readers know, I have long been warning that climate change-related issues could have a significant impact on directors and officers liability exposures. In the following guest post, Francis Kean provides a summary outline of the specific litigation exposures that corporate directors and officers may face as a result of emerging climate change-related concerns. Francis is Executive Director FINEX Willis Towers Watson. Francis will be joining McGill and Partners in early spring 2020. I would like to thank Francis for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Francis’s article.
Continue Reading Guest Post: Climate Change Litigation Threats to Directors and Officers