Exploiting Privacy Breaches
Cross-posted from PogoWasRight.org:
I recently commented on the rush to class action lawsuits that seems to have become the norm. Today, I was interested to see this column by John Halamka, MD, CIO, CareGroup Health System, Harvard Medical School. He writes, in part:
As with any profession there are those attorneys who use the law for personal gain. Here’s a list of privacy breach class action suits, comparing payments to attorneys versus their clients.
There are many good investors. Accelerating new technology by providing funding to those who can build high value businesses is a good thing. As with any profession, there are investors who put profits ahead of societal benefits.
I’ve heard discussion about an alarming new business model. Investors paying attorneys to file class action suits related to privacy breaches in return for a portion of the profits.[…]
Investing in class action suits that asymmetrically benefit the finance and legal professions is not something that benefits society.
Read more on Healthcare Finance News. Although John is talking about the healthcare sector and as an insider, his points might seem a bit self-serving, I agree with him and his point applies equally well to other sectors. I think that those who are really sloppy with security and privacy protections should experience consequences and consumers should be compensated for any harm, time, or stress they incur as a result of negligent security or privacy practices, but most class action lawsuits really benefit no one but the plaintiffs’ attorneys. All these suits will do in the long run is discourage entities from coming clean about breaches, and then we all lose.