(U. S. Law and generally) There was a point in time where people simply had to make sure that their personal data was shredded before throwing it away to protect them. In the modern world, however, technological advances have left almost everyone’s personal and financial information in the hands of companies that they trust. Unfortunately for these companies, there are those out there who want nothing more than to get their hands on all of this data. It’s important to understand the several reasons that data protection should be taken seriously by every company that does business in the U.S.
Cybercrime on the Rise
The first thing that CEO’s and business owners should worry about is the fact that Internet crimes are on the rise. The F.B.I. reported a rise in cybercrime back in 2009, but a recent Norton report showed that this serious crime is still a growing problem. The report showed that the global cost related to these types of crimes over the past year topped out at around $388 billion. This number includes losses suffered by around 556 million individuals.
Insider Data Theft
Most companies have individuals in charge who understand the necessity of cyber security. They want to protect their customers’ information to maintain their reputation and keep their clients happy. Because of this, most business owners invest a great deal in software that keeps hackers out of their clients’ information. Unfortunately, whether you ask an Orlando Criminal Team or a lawyer in San Diego, the biggest threat to a company’s customer data actually comes from the inside. Many times employees will find themselves in a compromised situation, without even knowing how it happened.
The Global Fraud Report found that in 2012, sixty-seven percent of companies who had to deal with an occurrence of fraud had to do so because of a perpetrator who worked within the company. It’s easy to think that the only threat faced by consumer data is that of faceless individuals sitting in a dark room with a computer, but when one considers how much access an employee has to clients’ personal information; it becomes apparent that insider data theft can be a huge problem.
Company Liability for Data Breaches
Whether a company suffers a data breach due to a hacker or an insider, they face serious liabilities. Courts have begun allowing class action lawsuits to go forward against companies that are perceived as not having taken appropriate measures in protecting other people’s personal information. Businesses can face liability regardless of whether it’s their customers’ or employees’ private data that is stolen.
Companies were once able to avoid serious financial obligations caused by data breaches if the people whose data was stolen couldn’t prove real damages. This, however, has significantly changed. In two cases, one against Starbucks and the other against Purchasing Power, individuals who had suffered no financial damages were allowed to bring lawsuits against companies who had experienced data breaches.
The people affected by these breaches suffered no financial loss due to the fact that their personal data wasn’t used by the criminals, but the judges involved felt that the failure to protect the information was enough to warrant a lawsuit. This means that even if a company’s clients or employees are unscathed by the theft of their personal information, the company can still face serious financial liability.
What this means for Companies
The main point to draw from all of the available information on data theft is that companies need to work hard to protect private data. This means that both cyber and physical security should be prioritized. Cyber security can prevent infiltration by those outside of a company while physical security can help prevent the theft by employees of company property that contains personal information.
It’s also important for companies to avoid linking information to specific clients if at all possible. Unfortunately, data breaches can still occur. When this happens, it’s imperative for a company to have an effective notification system in place. The quicker clients and employees are notified of potential data breaches; the quicker they can respond and minimize damages. Not only will these steps protect others’ personal information, they will show the courts that proper measures were taken to try to prevent this type of breach.
It’s sad that we live in a world where people are dishonest enough to steal personal information for their own financial gain. These deceitful individuals can be miles away in their parent’s basement or in the third floor call center of a cable company affected by the crime. The consequences for a company that suffers a data breach are immense, so it’s important that they fully understand the issue and have protections in place to prevent and respond to a breach.
Kelly Kovacic is a paralegal who stays on top of the latest cyber and physical security laws and contributes articles for the legal community. The Orlando Criminal Team of Katz & Phillips, P.A. has years of the necessary experience to challenge and disprove the evidence of the accused- which can make a critical difference in the quality of life for anyone charged with cybercrime.