A change in emphasis in disputes over data security breaches is coming. To date, the focus has been on issues and potential damages arising from the breach itself and the subsequent loss of private, personal information. In light of recognized delays from both Equifax and Uber, combined with the confusing array of breach notification responsibilities, we believe 2018 will see a growing emphasis on disputes arising from a corporation’s delay in notifying the public, the affected individuals and regulatory bodies about the breach.

A Multitude of Disclosure Obligations