HomeWebcastData Breach Class Action Lawsuits on the Rise: How to Bullet-Proof Your Company from Data Breach Liability
ata Breach Class Action Lawsuits CLE/CPE CLE

Data Breach Class Action Lawsuits on the Rise: How to Bullet-Proof Your Company from Data Breach Liability

Live Webcast Date: Tuesday, March 15, 2016 from 12:00 pm to 2:00 pm (ET)
CLE-LegalRecording

ata Breach Class Action Lawsuits CLE/CPE

Join us for this Knowledge Group ata Breach Class Action Lawsuits CLE/CPE Webinar. On an almost daily basis, U.S. companies become victims of data security breaches through which cyber criminals obtain not just the credit card information of the clients but also the people's home addresses, social security numbers and more. Often, these companies are left with no choice but to face class-action suits which usually demand millions of dollars for settlement.

Recent data breaches in the last two years involved retailers like Neiman Marcus and the craft store Michaels. Hackers installed malware to the companies' point-of-sale (POS) terminals allowing the theft of their shoppers' credit and debit card numbers. But high-profile data breaches involving Target in late 2013, followed by Home Depot in 2014 and the Canadian dating site Ashley Madison in July 2015, eclipsed all of the others.

Since it seems that breaching data systems has become an everyday success for cyber criminals, companies should, therefore, adopt effective data protection measures including sound security system for protection, early fraud detection and robust cyber insurance policies.

This course offers an overview of the latest trends with respect to recent data breach class action lawsuits. Speakers will offer best practices in developing and implementing effective data protection measures to minimize the risks of data breach and, consequently, avoid potential liability.

In a two-hour webcast, the speakers will discuss:

  • Overview of the Current Data Breach Climate
  • Minimizing the Risk and Impact of Data Breach
  • Data Breach: Before, During and After
  • Breach Notification Obligations
  • Successful Data Security in an Organization
  • Ashley Madison: Hack and Consequences
  • Top 10 List for Data Breach Response
  • Seventh Circuit Ruling on Remijas v. Neiman Marcus Group
  • FTC authority and data security standards after Wyndam.
  • Recent cases re: standing and damages
  • Pending cases and proposed legislation to watch
  • Recent cases re: cyber-security insurance
  • Developments in class litigation including arbitration clauses and no damage cases

Agenda

SEGMENT 1:
Matthew S. Borick, Director
Downs Rachlin Martin PLLC
  • The “numbers” are staggering:
    • 60,000 new pieces of malware created each day
    • 3 to 4 breaches in the U.S. each day
    • Average cost of a breach = $6.5 million (>$200 per record)
  • Data breaches come in all shapes and sizes, and the range of perpetrators and motives is varied.
  • Complete prevention is virtually impossible, so the focus must be on minimizing risk and impact.
  • Data breaches have a before (plan/prepare adequately), during (detect early), and after (respond effectively).  The ”before” is the most important part – the time to prepare is not when you are hit with a breach.
  • Breach notification obligations may extend far beyond the state in which your business is physically located, based upon the data breach laws in place in the various states of residence of those whose data you store, use, etc.
  • Successful data security in an organization requires 100% commitment, and a little common sense.

SEGMENT 2:
Steven D. Atlee, Partner
Stroock & Stroock & Lavan LLP

Ashley Madison:  Hack and Consequences

  • Overview/Chronology of Key Events
  • Security Vulnerabilities
  • Consequences, Expected and Unexpected
  • Ensuing Litigation and Key Legal Issues
  • Lessons Learned

SEGMENT 3:
Karla Grossenbacher, Partner
Seyfarth Shaw LLP

Top 10 List for Data Breach Response

  • Identify A Data Breach Response Team
  • Lay the Foundation for Privilege
  • Verify the Data Breach
  • Conduct an Investigation
  • Assess Risk
  • Develop a Notification Plan
  • Develop a Communication Plan
  • Decide Whether You Will Offer Remediation Services to Affected Individuals
  • Taking a Step Back
  • Have a Written Data Breach Response Plan

SEGMENT 4:
Francis A. Citera, Shareholder
Greenberg Traurig, LLP
  • The Seventh Circuit recently ruled that a data breach plaintiff may have standing based strictly on an alleged impending harm. The Seventh Circuit concluded that plaintiff’s alleged facts supported the finding that the plaintiff had standing to bring claims against a retailer for the imminent harms of future fraudulent credit card charges or identity theft. The court emphasized that the risk of fraudulent charges or identity theft in this instance is ‘‘very real’’ – noting that the plaintiff alleges that the data breach occurred when hackers deliberately targeted the retailer to steal credit card information. Given this alleged fact, the Seventh Circuit determined that ‘‘Neiman Marcus customers should not have to wait until hackers commit identity theft or credit-card fraud in order to give the class standing, because there is an ‘objectively reasonable likelihood’ that such an injury will occur.’’ 

SEGMENT 5:
Krishna B. Narine, Partner
Meredith & Narine, LLC
  • FTC authority and data security standards after Wyndam.
  • Recent cases re: standing and damages
  • Pending cases and proposed legislation to watch
  • Recent cases re: cyber-security insurance
  • Developments in class litigation including arbitration clauses and no damage cases

Who Should Attend

  • Privacy and Data Lawyers and Consultants
  • Data Security Professionals
  • Privacy and Data Management Officers
  • Top Level Management
  • Members of the General Counsel
  • Private and Public Companies
  • Other Related/Interested Professionals and Organizations

ata Breach Class Action Lawsuits CLE/CPE

SEGMENT 1:
Matthew S. Borick, Director
Downs Rachlin Martin PLLC
  • The “numbers” are staggering:
    • 60,000 new pieces of malware created each day
    • 3 to 4 breaches in the U.S. each day
    • Average cost of a breach = $6.5 million (>$200 per record)
  • Data breaches come in all shapes and sizes, and the range of perpetrators and motives is varied.
  • Complete prevention is virtually impossible, so the focus must be on minimizing risk and impact.
  • Data breaches have a before (plan/prepare adequately), during (detect early), and after (respond effectively).  The ”before” is the most important part – the time to prepare is not when you are hit with a breach.
  • Breach notification obligations may extend far beyond the state in which your business is physically located, based upon the data breach laws in place in the various states of residence of those whose data you store, use, etc.
  • Successful data security in an organization requires 100% commitment, and a little common sense.

SEGMENT 2:
Steven D. Atlee, Partner
Stroock & Stroock & Lavan LLP

Ashley Madison:  Hack and Consequences

  • Overview/Chronology of Key Events
  • Security Vulnerabilities
  • Consequences, Expected and Unexpected
  • Ensuing Litigation and Key Legal Issues
  • Lessons Learned

SEGMENT 3:
Karla Grossenbacher, Partner
Seyfarth Shaw LLP

Top 10 List for Data Breach Response

  • Identify A Data Breach Response Team
  • Lay the Foundation for Privilege
  • Verify the Data Breach
  • Conduct an Investigation
  • Assess Risk
  • Develop a Notification Plan
  • Develop a Communication Plan
  • Decide Whether You Will Offer Remediation Services to Affected Individuals
  • Taking a Step Back
  • Have a Written Data Breach Response Plan

SEGMENT 4:
Francis A. Citera, Shareholder
Greenberg Traurig, LLP
  • The Seventh Circuit recently ruled that a data breach plaintiff may have standing based strictly on an alleged impending harm. The Seventh Circuit concluded that plaintiff’s alleged facts supported the finding that the plaintiff had standing to bring claims against a retailer for the imminent harms of future fraudulent credit card charges or identity theft. The court emphasized that the risk of fraudulent charges or identity theft in this instance is ‘‘very real’’ – noting that the plaintiff alleges that the data breach occurred when hackers deliberately targeted the retailer to steal credit card information. Given this alleged fact, the Seventh Circuit determined that ‘‘Neiman Marcus customers should not have to wait until hackers commit identity theft or credit-card fraud in order to give the class standing, because there is an ‘objectively reasonable likelihood’ that such an injury will occur.’’ 

SEGMENT 5:
Krishna B. Narine, Partner
Meredith & Narine, LLC
  • FTC authority and data security standards after Wyndam.
  • Recent cases re: standing and damages
  • Pending cases and proposed legislation to watch
  • Recent cases re: cyber-security insurance
  • Developments in class litigation including arbitration clauses and no damage cases

ata Breach Class Action Lawsuits CLE/CPE

ata Breach Class Action Lawsuits CLE/CPE

Matthew S. BorickDirectorDowns Rachlin Martin PLLC

Matt Borick is a Director in Downs Rachlin Martin PLLC’s Litigation and Intellectual Property practice groups.  With a strong background in litigation, Mr. Borick recently shifted his practice focus to the area of privacy and data security, especially as it pertains to both preparing for and responding to data breaches.  Mr. Borick has spearheaded an effort to help businesses storing personally identifiable information recognize the importance of data security, and has been invited to speak at various seminars on the topic.  In addition to publishing several articles touching on privacy and data security issues, Matt has published a Road Map to the Vermont Security Breach Notice Act to help businesses better understand whether the Act applies to a data incident. He has also created a Privacy and Data Breach Audit Framework aimed at helping businesses assess and minimize their exposure to breaches. Mr. Borick is a member of the International Association of Privacy Professionals and the DRI Data Management and Security Committee.

ata Breach Class Action Lawsuits CLE/CPE

Steven D. AtleePartnerStroock & Stroock & Lavan LLP

Steve Atlee litigates complex commercial matters, including class actions, business torts, intellectual property, securities, contract, and other disputes. Mr. Atlee has broad experience handling consumer class actions, unfair competition, false advertising, trademark, trade secrets, patent, professional liability, telecommunications, securities fraud, and property disputes. He routinely first-chairs matters on behalf of his clients before juries, judges, arbitrators, and mediators. Mindful of his clients' business goals, Mr. Atlee approaches cases strategically to achieve the desired outcome in a productive and cost-effective manner.  This can include early motion practice and proactive use of alternative dispute resolution as well as targeted discovery. Mr. Atlee is a Member of the Board of Directors of the American Red Cross, Greater Los Angeles Region and the Western Center of Law & Poverty. He is a member of the Planning Committee for the USC Intellectual Property Institute. Mr. Atlee received his B.A. Summa Cum Laude from Yale University and his J.D., Order of the Coif from USC Gould School of Law.

ata Breach Class Action Lawsuits CLE/CPE

Karla GrossenbacherPartnerSeyfarth Shaw LLP

Ms. Grossenbacher is a partner in Seyfarth Shaw’s Washington, D.C. office concentrating in labor and employment law.  Ms. Grossenbacher serves on the firm’s national Labor and Employment Steering Committee, as well as the Steering Committee of the Firm’s Global Privacy and Security team and is the Chair of the Washington, D.C. labor and employment practice. 

In the privacy area, Ms. Grossenbacher specializes in advising employers on workplace privacy issues, such as advice on employee surveillance and electronic monitoring issues, drafting and implementation of BYOD policies, preparation of electronic communications and social media policies.  Ms. Grossenbacher also specializes in cybersecurity issues for employers, such as incident management with respect to data breaches and preparation of data breach response plans and is a frequent presenter, author and blogger on these issues.  Ms. Grossenbacher has also developed and conducted employee identity theft prevention training for a number of local government agencies.

ata Breach Class Action Lawsuits CLE/CPE

Francis A. CiteraShareholderGreenberg Traurig, LLP

Francis A. Citera is Co-Chair of the firm's Products Liability & Mass Torts Litigation Group and Co-Chair of the Chicago Litigation Practice. Mr. Citera has over 30 years of experience defending purported class actions, toxic tort actions, and other complex litigation in both federal and state courts. He has tried many cases, including an action by the Government to enforce a unilateral administrative order, an allocation case among potentially responsible parties, and a complex product liability, wrongful death case. Mr. Citera also represents clients in putative class action involving alleged “security breaches” with respect to certain personally identifiable information. Mr. Citera has written and spoken extensively on class action litigation, product safety issues and claims for medical monitoring.

ata Breach Class Action Lawsuits CLE/CPE

Krishna B. NarinePartnerMeredith & Narine, LLC

Mr. Narine, who has attained Martindale–Hubbell’s A.V. rating, received his undergraduate degree from Dartmouth College in 1984, and received his law degree from The Georgetown University Law Center in 1987. In addition to representing both plaintiffs and defendants in a wide variety of matters in state and federal courts throughout the United States, Mr. Narine has handled commercial matters including commercial disputes, business entity formation, asset purchases and sales, and real estate transactions.  Mr. Narine has successfully defended putative class actions brought under the Telephone Consumer Protection Act.  In addition, Mr. Narine is involved in data breach class litigation, including Storm et al. v. Paytime, Inc., Case No. 15-3690 (3d Cir.) on appeal from 1:14-cv-01138-JEJ (M.D.Pa.), and In Re Experian Data Breach Litigation, Case No. 8:15-cv-01592-AG-DFM (C.D.Cal.).

He is one of the founding partners of Meredith & Narine. Prior to forming Meredith & Narine, Mr. Narine operated the Law Office of Krishna B. Narine, P.C. from 2004 through 2012.  Also, he is a former partner at Schiffrin & Barroway, and was the manager of its antitrust department. Before his work with Schiffrin & Barroway, Mr. Narine was a partner at Meredith, Cohen, Greenfogel & Skirnick, P.C., a firm which specialized in complex antitrust litigation. While at Meredith Cohen, Mr. Narine was actively involved in complex antitrust litigation for over thirteen years, and played a prominent role in two of the largest antitrust cases in history:

  • In re Nasdaq Market-Makers Antitrust Litigation, MDL No. 1023 (S.D.N.Y.) (settlement of $1.125 billion); and
  • In re Brand Name Prescription Drugs Antitrust Litigation, C.A. No. 94C897 and MDL No. 997 (N.D. Ill.) (settlement of $750 million).

Mr. Narine is Liaison Counsel and one of four Co-Lead Counsel of the indirect purchaser action in In Re: Processed Egg Products Antitrust Litigation, C.A. No. 08-2002, MDL No. 2002 (E.D.Pa.).  Mr. Narine played a prominent role in the indirect purchaser actions in two antitrust class actions in the Eastern District of Pennsylvania, In re Hydrogen Peroxide Antitrust Litigation, MDL No. 1682, C.A. No. 05-666 (E.D.Pa.) and In re Plastic Additives Antitrust Litigation, MDL No. 1684, C.A. No. 05-4157, both of which are among the first indirect purchaser antitrust class actions brought in federal court under the Class Action Fairness Act.  In addition, Mr. Narine has litigated indirect purchaser antitrust class cases in state courts throughout the United States.

ata Breach Class Action Lawsuits CLE/CPE

Course Level:
   Intermediate

Advance Preparation:
   Print and review course materials

Method Of Presentation:
   On-demand Webcast

Prerequisite:
   NONE

Course Code:
   145254

NASBA Field of Study:
   Business Law

NY Category of CLE Credit:
   Skills

Total Credits:
    2.0 CLE

No Access

You are not logged in. Please or register to the event to gain access to the materials and login instructions.

About the Knowledge Group

The Knowledge Group

The Knowledge Group has been a leading global provider of Continuing Education (CLE, CPE) for over 13 Years. We produce over 450 LIVE webcasts annually and have a catalog of over 4,000 on-demand courses.

About the Knowledge Group

The Knowledge Group

The Knowledge Group has been a leading global provider of Continuing Education (CLE, CPE) for over 13 Years. We produce over 450 LIVE webcasts annually and have a catalog of over 4,000 on-demand courses.

Operating from the fundamental belief that anything is possible when imagination and pragmatism live side by side, the 60-plus attorneys of Downs Rachlin Martin help clients achieve their goals. From five offices located in Vermont and New Hampshire, the firm represents clients from a diverse array of regional, national and international entrepreneurs, venture capitalists, technology businesses and Fortune 100 companies. Engage the attorneys of Downs Rachlin Martin, and receive fresh thinking and uncommon value in the areas of business law, data security, labor and employment law, intellectual property, litigation, and energy and telecommunications law. Downs Rachlin Martin: business sense · legal ingenuity.

Website: https://www.drm.com/

Stroock & Stroock & Lavan LLP is a law firm providing transactional, regulatory and litigation guidance to leading financial institutions, multinational corporations, investment funds and entrepreneurs in the U.S. and abroad.  Our emphasis on excellence and innovation has enabled us to maintain long-term relationships with our clients and made us one of the nation’s leading law firms for almost 140 years.  Stroock’s practice areas include capital markets/securities, commercial finance, mergers, acquisitions and joint ventures, private equity, private funds, commodities and derivatives, employment law and benefits, energy and project finance, entertainment, environmental law, financial restructuring, financial services litigation, government relations, insurance, intellectual property, investment management, litigation, national security/CFIUS, personal client services, real estate, structured finance and tax.

Website: https://www.stroock.com/

Seyfarth Shaw LLP has more than 850 attorneys across 13 offices in the U.S. and internationally. Seyfarth represents clients of all sizes across all industries, providing excellent legal service, sophisticated technology and process improvement solutions and ongoing support to each client regardless of size, jurisdiction, industry or legal needs.

The firm’s Global Privacy & Security (GPS) Team is comprised of lawyers from various legal disciplines who dedicate a majority of their practice to the privacy-related issues faced by employers and consumer-facing companies. Numerous leading companies — including financial institutions, hotel franchisees, transportation companies, real estate management companies, software companies, third-party administrators, consumer electronics manufacturers, retail grocery stores and Internet retailers — have enlisted Seyfarth to assist in responding to security incidents, developing responsive programs to privacy and security threats, advising on new business and technology models, and negotiating with parties up and down the supply chain.

Website: https://www.seyfarth.com/

Greenberg Traurig is an international law firm with approximately 1900 attorneys and governmental affairs professionals in 38 offices in the United States, Latin America, Europe, Asia, and the Middle East. Greenberg Traurig provides integrated, business-focused legal services for clients ranging from Fortune 500 corporations to innovative start-ups. The firm’s multidisciplinary teams include senior lawyers who have served as chief legal officers at major multinational companies and have spent years solving real-world problems in the business, political and legal arenas. GT attorneys are at the forefront of class litigation in federal and state courts throughout the United States, at both the trial and appellate levels. GT’s Class Action Practice brings together more than 70 trial lawyers from across the country with class action experience spanning a wide variety of substantive areas and industries, including privacy.

Website: https://www.gtlaw.com/

Meredith & Narine is committed to assisting businesses and entrepreneurs achieve their goals. Whether representing Plaintiffs or Defendants in business disputes, including negotiation trials, arbitrations and mediation, providing business related advice, or identifying government contracting opportunities, assisting with their related solicitations and their management after a bid is won, Meredith & Narine provides timely cost-effective legal services from experienced professionals. At Meredith & Narine, we get the best results at the best price and we are always available to our clients. We provide legal services to clients in the Philadelphia area as well as throughout the nation.  To learn more about our firm, please visit www.m-npartners.com

Website: https://www.m-npartners.com/

Matt Borick is a Director in Downs Rachlin Martin PLLC’s Litigation and Intellectual Property practice groups.  With a strong background in litigation, Mr. Borick recently shifted his practice focus to the area of privacy and data security, especially as it pertains to both preparing for and responding to data breaches.  Mr. Borick has spearheaded an effort to help businesses storing personally identifiable information recognize the importance of data security, and has been invited to speak at various seminars on the topic.  In addition to publishing several articles touching on privacy and data security issues, Matt has published a Road Map to the Vermont Security Breach Notice Act to help businesses better understand whether the Act applies to a data incident. He has also created a Privacy and Data Breach Audit Framework aimed at helping businesses assess and minimize their exposure to breaches. Mr. Borick is a member of the International Association of Privacy Professionals and the DRI Data Management and Security Committee.

Steve Atlee litigates complex commercial matters, including class actions, business torts, intellectual property, securities, contract, and other disputes. Mr. Atlee has broad experience handling consumer class actions, unfair competition, false advertising, trademark, trade secrets, patent, professional liability, telecommunications, securities fraud, and property disputes. He routinely first-chairs matters on behalf of his clients before juries, judges, arbitrators, and mediators. Mindful of his clients' business goals, Mr. Atlee approaches cases strategically to achieve the desired outcome in a productive and cost-effective manner.  This can include early motion practice and proactive use of alternative dispute resolution as well as targeted discovery. Mr. Atlee is a Member of the Board of Directors of the American Red Cross, Greater Los Angeles Region and the Western Center of Law & Poverty. He is a member of the Planning Committee for the USC Intellectual Property Institute. Mr. Atlee received his B.A. Summa Cum Laude from Yale University and his J.D., Order of the Coif from USC Gould School of Law.

Ms. Grossenbacher is a partner in Seyfarth Shaw’s Washington, D.C. office concentrating in labor and employment law.  Ms. Grossenbacher serves on the firm’s national Labor and Employment Steering Committee, as well as the Steering Committee of the Firm’s Global Privacy and Security team and is the Chair of the Washington, D.C. labor and employment practice. 

In the privacy area, Ms. Grossenbacher specializes in advising employers on workplace privacy issues, such as advice on employee surveillance and electronic monitoring issues, drafting and implementation of BYOD policies, preparation of electronic communications and social media policies.  Ms. Grossenbacher also specializes in cybersecurity issues for employers, such as incident management with respect to data breaches and preparation of data breach response plans and is a frequent presenter, author and blogger on these issues.  Ms. Grossenbacher has also developed and conducted employee identity theft prevention training for a number of local government agencies.

Francis A. Citera is Co-Chair of the firm's Products Liability & Mass Torts Litigation Group and Co-Chair of the Chicago Litigation Practice. Mr. Citera has over 30 years of experience defending purported class actions, toxic tort actions, and other complex litigation in both federal and state courts. He has tried many cases, including an action by the Government to enforce a unilateral administrative order, an allocation case among potentially responsible parties, and a complex product liability, wrongful death case. Mr. Citera also represents clients in putative class action involving alleged “security breaches” with respect to certain personally identifiable information. Mr. Citera has written and spoken extensively on class action litigation, product safety issues and claims for medical monitoring.

Mr. Narine, who has attained Martindale–Hubbell’s A.V. rating, received his undergraduate degree from Dartmouth College in 1984, and received his law degree from The Georgetown University Law Center in 1987. In addition to representing both plaintiffs and defendants in a wide variety of matters in state and federal courts throughout the United States, Mr. Narine has handled commercial matters including commercial disputes, business entity formation, asset purchases and sales, and real estate transactions.  Mr. Narine has successfully defended putative class actions brought under the Telephone Consumer Protection Act.  In addition, Mr. Narine is involved in data breach class litigation, including Storm et al. v. Paytime, Inc., Case No. 15-3690 (3d Cir.) on appeal from 1:14-cv-01138-JEJ (M.D.Pa.), and In Re Experian Data Breach Litigation, Case No. 8:15-cv-01592-AG-DFM (C.D.Cal.).

He is one of the founding partners of Meredith & Narine. Prior to forming Meredith & Narine, Mr. Narine operated the Law Office of Krishna B. Narine, P.C. from 2004 through 2012.  Also, he is a former partner at Schiffrin & Barroway, and was the manager of its antitrust department. Before his work with Schiffrin & Barroway, Mr. Narine was a partner at Meredith, Cohen, Greenfogel & Skirnick, P.C., a firm which specialized in complex antitrust litigation. While at Meredith Cohen, Mr. Narine was actively involved in complex antitrust litigation for over thirteen years, and played a prominent role in two of the largest antitrust cases in history:

  • In re Nasdaq Market-Makers Antitrust Litigation, MDL No. 1023 (S.D.N.Y.) (settlement of $1.125 billion); and
  • In re Brand Name Prescription Drugs Antitrust Litigation, C.A. No. 94C897 and MDL No. 997 (N.D. Ill.) (settlement of $750 million).

Mr. Narine is Liaison Counsel and one of four Co-Lead Counsel of the indirect purchaser action in In Re: Processed Egg Products Antitrust Litigation, C.A. No. 08-2002, MDL No. 2002 (E.D.Pa.).  Mr. Narine played a prominent role in the indirect purchaser actions in two antitrust class actions in the Eastern District of Pennsylvania, In re Hydrogen Peroxide Antitrust Litigation, MDL No. 1682, C.A. No. 05-666 (E.D.Pa.) and In re Plastic Additives Antitrust Litigation, MDL No. 1684, C.A. No. 05-4157, both of which are among the first indirect purchaser antitrust class actions brought in federal court under the Class Action Fairness Act.  In addition, Mr. Narine has litigated indirect purchaser antitrust class cases in state courts throughout the United States.

Ultimate Value Annual Program

Bring a colleague for only $149, a savings of $50 per additional attendee.

  • Unlimited Access to Live & Recorded Webcasts
  • Instant Access to Course Materials
  • And More!

$199