DATA PRIVACY AND CYBER SECURITY DISPUTES

CD: Could you provide an overview of the critical risks for companies arising in connection with data privacy and protection? To what extent can weaknesses in cyber security lead to disputes?

Crane: The looming threat of data breaches and ransomware attacks remains a significant risk for companies, stemming from hacking, insider threats or inadequate security measures. The repercussions extend far beyond initial investigation and remediation. After notifying regulators and affected individuals, companies often face a prolonged period of costly litigation, class actions, negotiations and ongoing monitoring. Aside from data incidents, regulatory investigations and enforcement pose another substantial risk. With regulators allocating more resources to probe complaints and conduct independent investigations, organisations found non-compliant face severe consequences. These investigations often arise from insufficient security controls or the excessive use and disclosure of personal data. The financial and reputational damage from these risks can be devastating, underscoring the need for robust cyber security measures and strict adherence to data protection regulations.

Jan-Mar 2025 issue

BDO

Gibson, Dunn & Crutcher LLP

Join our free mailing list to read the full article