On Wed, Apr 11, 2012 at 1:22 AM, Kevin W. Wall <[email protected]> wrote: > On Tue, Apr 3, 2012 at 9:35 AM, ianG <[email protected]> wrote: >> >> [Big SNIP] >> > > The big risk in having CCs or banking info stolen is the subsequent > (usually class action) lawsuits that usually follow. So these things are > done as part of following industry "best practice", in which case you can > at least claim that you've done due diligence and if you lose, at least the > claimants in the lawsuit are awarded treble damages. Rarely (if ever) happens. Judges usually don't certify the suit because claimants cannot demonstrate loss.
I am only aware of one recent case that showed otherwise. The judge used common sense and realized folks should be able to purchase credit monitoring and be compensated for their time in dealing with the mess created by the negligent party. I don't have a reference at the monment - the Dataloss DB Mailing List is not easily searchable. In the past, I have even had law enforcement agencies visit me for criticizing the assholes in charge for their decision. (Judges and Politicians). For example, I got a visit from the marshalls when I suggested Judge Buckles and his family should enjoy being the victims of a data breach due to his ruling in Amburgy v. Express Scripts, Inc.. I hoped he would make better decisions if he were a victim. They don't like it when you wish upon them to "eat their own dogfood". >> [Big SNIP] Jeff _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
