Legislation introduced in the U.S. Senate last month after the Target debacle appears to provide consumer protections in the event of security breaches like the recent Target data theft. But the bill actually undermines the right of victims to justice through the court system. The Data Security Act of 2014 was introduced Jan. 15 by Sens. Tom Carper and Roy Blount.
The stated purpose of the bill is to require companies that accept credit or debit card payments to have policies and procedures in place to protect their data from hackers, to respond to any security breaches should they occur, and to alert consumers of the breach. While that sounds reasonable, the bill actually protects the retailers. If a huge retailer complies with the Act it would be immune from liability for any wrongdoing. It also appears that banks, card companies and other financial institutions are not covered by the Act. Additionally, all state causes of action are preempted by the Act, and the Act expressly bans any private cause of action. In other words, no victim could file a lawsuit under state law or in a state court regardless of how bad the conduct was. Also, the Act would ban class action lawsuits.
I am concerned that this legislation is designed to hurt consumers. I am convinced that the real aim of this legislation is to prohibit an individual from filing a lawsuit and to ban class actions. Essentially this means that a victim cannot file a lawsuit under state law to seek justice for their losses and to hold accountable those who allowed the sensitive information to be compromised. The 110 million Target victims should let their senators know that this is not a consumer-friendly bill.
Lawyers in the Consumer Fraud Section at Beasley Allen have filed two lawsuits related to the major security breach at Target stores that began on or around Nov. 27, just before “Black Friday,” and continued through at least Dec. 15, which allowed hackers access to customers’ credit and debit card information. The first was a class action lawsuit filed on Dec. 20 on behalf of consumers whose information was compromised. A second class action lawsuit was filed on Dec. 30 on behalf of Alabama State Employees Credit Union for financial losses resulting from defrauded deposits of financial institution members and customers, as well as costs associated with closing accounts, reissuing new checks, debit cards and credit cards as a result of Target’s data breach.
I fear we in America have only seen “the tip of the iceberg” when it comes to breaches of their personal information. Shortly after Target admitted customer credit and debit card information was stolen from the point of sale systems in its stores, the company also had to admit that additional personal information had been stolen from even more customer accounts, including names, addresses and email addresses. Another retailer, Neiman Marcus, also recently admitted its computer network was hacked as far back as July, and only in mid January of this year was the hack discovered and contained. Hacking has been happening, but not to this scale. Unfortunately, I don’t believe that it will stop. The Federal Trade Commission and Congress have a direct responsibility to change our system, and until they do so, it’s open season on consumers.
Contact us today for a free legal consultation with an experienced attorney.
Fields marked *may be required for submission.
If you would like to subscribe to the Jere Beasley Report digital edition, simply visit our Subscriptions page and provide the necessary information or call us at 800-898-2034.
Attorney Advertising - Prior results do not guarantee a similar outcome.