The Hatrford Business Journal reported on September 3, 2008 that more and more corporations are now taking out insurance to cover expenses, primarily resulting from lawsuits filed by customers for loss of private information pertaining to the customers (see http://www.hartfordbusiness.com/news6450.html).
So far, 44 states in the U.S. have passed laws or enacted acts that specify how customers should be notified of data breaches. Connecticut passed such as Act (Sec. 36a-701b. Breach of security re computerized data containing personal information. Disclosure of breach. Delay for criminal investigation. Means of notice. Unfair trade practice.) in 2006.
While the move by corporates to insure themselves against such a liability is understandable, I wonder who is likely to bear the additional cost of this - will it be passed on to the same customers who are suing them for losing the information in the first place?
Another question is whether such laws are effective at all, when they become too cumbersome and almost impossible to actually implement.
-Ramesh Subramanian
No comments:
Post a Comment