Abstract

http://ssrn.com/abstract=1427964
 
 

Footnotes (223)



 


 



Government Data Breaches


A. Michael Froomkin


University of Miami - School of Law


Berkley Technology Law Journal, Forthcoming
University of Miami Legal Studies Research Paper No. 2009-20

Abstract:     
This paper addresses the legal response to data breaches in the US public sector. Private data held by the government is often the result of legally required disclosures or of participation in formally optional licensing or benefit schemes where the government is as a practical matter the only game in town. These coercive or unbargained-for disclosures impute a heightened moral duty on the part of the government to exercise careful stewardship over private data. But the moral duty to safeguard the data and to deal fully and honestly with the consequences of failing to safeguard them is at best only partly reflected in current state and federal statute law and regulations. The paper begins with an illustrative survey of federal data holdings, known breach cases, and the extent to which the government’s moral duty to safeguard our data is currently instantiated in statute law and, increasingly, in regulation.

I then argue that the government’s duty to safeguard private data has a Constitutional foundation, either free-standing or based in Due Process, at least in cases where the government failed to take reasonable precautions to safeguard the data. This right is separate from any informational privacy rights that constrain the government's ability to acquire personal or corporate information. The key is Chief Justice Rhenquist’s opinion in DeShaney.

Under the DeShaney logic, victims of many governmental privacy breaches should have a claim against states under § 1983. Similar constitutional claims against the federal government would require a Bivens action but this is unlikely to work under current doctrine. As a result, persons injured by federal data breaches will have substantially inferior remedies available to them than will victims of state errors. And even when suing a state, however, the provision of effective remedies may be hampered by arguments based on governmental immunity, and the problem of valuing the harms caused by a breach.

Number of Pages in PDF File: 42

Accepted Paper Series





Download This Paper

Date posted: August 15, 2009 ; Last revised: August 26, 2011

Suggested Citation

Froomkin, A. Michael, Government Data Breaches. Berkley Technology Law Journal, Forthcoming; University of Miami Legal Studies Research Paper No. 2009-20. Available at SSRN: http://ssrn.com/abstract=1427964

Contact Information

A. Michael Froomkin (Contact Author)
University of Miami - School of Law ( email )
P.O. Box 248087
Coral Gables, FL 33146
United States
305-284-4285 (Phone)
305-284-6506 (Fax)

Feedback to SSRN


Paper statistics
Abstract Views: 1,672
Downloads: 144
Download Rank: 121,924
Footnotes:  223

© 2014 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright   Contact Us
This page was processed by apollo6 in 0.250 seconds