From the allegations of Edward Snowden about official snooping on U.S. citizens (and non-Americans worldwide) to any of the seemingly innumerable data breaches hitting retailers like Home Depot and Target or movie/television studio Sony or pick-your-favorite-example, it’s rare that a day passes without some breaking news about privacy (or its sibling, cybersecurity).
Think of the last time privacy wasn’t in the national spotlight in the last five years. Can’t think of any time like that? Neither can we, and an economic analysis published this past summer backs us up.
NERA Economic Consulting’s Consumer Class Action Settlements: 2010–2013; Settlements Increasing, With a Focus on Privacy, explains that privacy claim settlements appear to be heating up, even as the number of class action settlements nationally appears to be remaining steady. Settled cases involving allegations of consumer privacy grew between 2010 and 2013, from 5 (2010), to 20 (2011), to 24 (2012), to 35 (2013). Claims against retailers involving compromised personal information are particularly noteworthy, since retailers face the largest proportion of consumer privacy violation settlements – 24%. Business/consumer services and banking/finance industries are not far behind retailers at 22% and 18%, respectively.
Also noteworthy is the distribution of privacy claims. Telecommunications providers and bank/finance industry settlements were more likely to include allegations related to spam than to the misuse of personal information, while the reverse is true for the retail, business/consumer services, and entertainment/social media settlements.
This report reflects what we have been hearing from colleagues and clients here and around the privacy world. Growing concerns about privacy and security leading to class action suits also dovetails with increased international, federal, and state enforcement activities. (And by the way, the report tells a similar story on the growth of false advertising claims.) No one is immune, and it shouldn’t be surprising that the number of privacy-related claims is increasing with the ever-more-connected nature of our world. More people are using multiple devices to connect to the Internet, and not just with computers and smartphones, but through the vaunted “Internet of Things” that allows us to control our lights, save energy with our appliances, and even open and close our doors. More information is kept about more subjects (the vaunted “Big Data”), so when information is handled poorly – read poor privacy or security practices – consumers and regulators are increasingly taking action. What’s more, even if information is handled properly at every step, third parties (hackers) are testing the boundaries by ever more clever attacks designed to access the data you keep.
What to do? More on that in an upcoming post.