Year of the Hack

Milwaukee Litigation Lawyer Sheds Light On Data Assurance

Even a quick glance at the evening news is enough to make one wonder if 2017 will be known as the “year of the hack.” Data breaches certainly seem rampant. Whether it is the email system of a national political party, the huge user list owned by Yahoo®, or the inappropriate access of personal employee data at a small Milwaukee business, the stakes are high. Business leaders whose firms have been hacked often react with a mixture of embarrassment, fright, and bewilderment. Hacks can be harmful to one’s pride – yes. They can do also serious damage to a business’ bottom line. When it comes to a data breach related to personal information, what rules apply in Wisconsin?

Notice of Unauthorized Acquisition of Personal Information

Wisc. Stat. § 134.98 generally provides that if there has been a security breach affecting “personal” information, notice to the “victims” must be given within a reasonable time, not to exceed 45 days unless a law enforcement agency has determined that such a notice would impede a criminal or civil investigation, or jeopardize homeland security.

What Information is “Personal?”

Generally speaking, “personal information” includes data regarding a person’s:

  • Name
  • Contact details, such as address and telephone number
  • Financial affairs, including relative financial health
  • Purchase records
  • Health records
  • DNA data
  • Unique biometric data, including fingerprint, voice print, retina or iris image, or any other unique physical representation

Liability for Data Breach Can be Broad

Victims of data breaches often file civil actions (both individually and in the form of class-actions) alleging, among other things, negligence, breach of fiduciary duty, and general breach of contract. In most cases, those bringing the civil actions allege the business failed to exercise or incorporate adequate safety mechanisms to keep the information private. The damages can, of course, be expensive in raw dollar terms. Damage to the reputation of a business can be even more significant.

Some third parties – e.g., banks and other financial firms – have also aggressively begun to take action against firms that have suffered data breaches. Such third parties seek to recover the administrative expenses, lost interest, transaction fees, and other losses associated with having to take their own corrective action following the data breach.

Other Costs in Handling the Data Breach

In addition to the cost of dealing with disgruntled customers and third parties, such as banks and credit unions, the business suffering the data breach must also expend money and human resources to restore its computer systems. It may need to spend time and money to restore its reputation. It must bear the cost of notifying affected individuals and, if it is smart, it will invest in a forensic investigation to determine what went wrong and how to prevent the problem from occurring again.

Business Litigation Attorneys

At Kerkman Wagner & Dunn, we provide savvy, strategic, and results-oriented legal representation for both corporate and individual clients in business and commercial litigation. Our litigators bring decades of experience to the complex world in which today’s businesses must operate. We are familiar with Wisconsin’s data breach laws and the many federal laws and regulations that affect area businesses. Our firm has big firm talent and provides small firm attention. For more information regarding our practice and how we can help you, contact the business and commercial litigation attorneys at the law office of Kerkman Wagner & Dunn today. Call us at 414-278-7000 or complete our online contact form.

« »