In numerous prior posts I have examined efforts by plaintiffs’ attorneys to try to impose civil liability on corporate executives in D&O claims following cyber security incidents. Two recent cases show that, in addition to potential civil litigation liability exposure, corporate executives may also face potential regulatory liability and even criminal liability exposure for cyber security incidents at their company. The two recent cases are discussed in an October 27, 2022 memo from the White and Case law firm, here.
Continue Reading Corporate Executives Face Personal Liability Exposure for Cyber Incidents
Massive Facebook Settlements Underscore Privacy’s Importance as Corporate Risk
On July 24, 2019, in a development that underscores the heightened significance of privacy-related issues, the Federal Trade Commission (FTC) announced that Facebook will pay a record-breaking $5 billion penalty and submit to new restrictions and a modified corporate structure. In a related development, the Securities and Exchange Commission (SEC) also announced that Facebook had agreed to a $100 million settlement to resolve the agency’s allegations that the company misled investors regarding the risk of misuse of Facebook user data. Both agency actions followed the March 2018 revelations data analytics firm Cambridge Analytica had obtained access to user data of millions of Facebook users. The FTC’s July 24, 2019 press release about the $5 billion penalty can be found here. The SEC’s July 24, 2019 press release about the $100 million settlement can be found here.
Continue Reading Massive Facebook Settlements Underscore Privacy’s Importance as Corporate Risk