Abstract

http://ssrn.com/abstract=1986461
 
 

References (47)



 


 



Empirical Analysis of Data Breach Litigation


Sasha Romanosky


Carnegie Mellon University - Heinz College of Information Systems and Public Policy

David A. Hoffman


Temple University - James E. Beasley School of Law; Cultural Cognition Project at Yale Law School

Alessandro Acquisti


Carnegie Mellon University - Heinz College

April 6, 2013

Forthcoming in the Journal of Empirical Legal Studies
Temple University Legal Studies Research Paper No. 2012-30

Abstract:     
In recent years, many lawsuits have been filed by individuals seeking legal redress for harms caused by the loss or theft of their personal information. However, very little is known about the drivers, mechanics, and outcomes of those lawsuits, making it difficult to assess the effectiveness of litigation at balancing organizations’ usage of personal data with individual privacy rights. Using a unique and manually-collected database, we analyze court dockets for over 230 federal data breach lawsuits from 2000 to 2010. We investigate two questions: Which data breaches are being litigated, and which data breach lawsuits are settling. Our results suggest that the odds of a firm being sued are 3.5 times greater when individuals suffer financial harm, but 6 times lower when the firm provides free credit monitoring. Moreover, defendants settle 30% more often when plaintiffs allege financial loss, or when faced with a certified class action suit. By providing the first comprehensive empirical analysis of data breach litigation, our findings offer insights in the debate over privacy litigation versus privacy regulation.

Number of Pages in PDF File: 31

Keywords: data breach, identity theft, privacy litigation, docket analysis, docketology

Accepted Paper Series


Download This Paper

Date posted: January 16, 2012 ; Last revised: February 1, 2014

Suggested Citation

Romanosky, Sasha and Hoffman, David A. and Acquisti, Alessandro, Empirical Analysis of Data Breach Litigation (April 6, 2013). Forthcoming in the Journal of Empirical Legal Studies; Temple University Legal Studies Research Paper No. 2012-30. Available at SSRN: http://ssrn.com/abstract=1986461 or http://dx.doi.org/10.2139/ssrn.1986461

Contact Information

Sasha Romanosky (Contact Author)
Carnegie Mellon University - Heinz College of Information Systems and Public Policy ( email )
Pittsburgh, PA 15213-3890
United States
David A. Hoffman
Temple University - James E. Beasley School of Law ( email )
1719 N. Broad Street
Philadelphia, PA 19122
United States
215-204-0612 (Phone)
Cultural Cognition Project at Yale Law School
127 Wall St
New Haven, CT 06520
United States
Alessandro Acquisti
Carnegie Mellon University - Heinz College ( email )
Pittsburgh, PA 15213-3890
United States
412-268-9853 (Phone)
412-268-5339 (Fax)
Feedback to SSRN


Paper statistics
Abstract Views: 10,236
Downloads: 2,430
Download Rank: 2,520
References:  47
People who downloaded this paper also downloaded:
1. Privacy Self-Management and the Consent Dilemma
By Daniel Solove

© 2014 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright   Contact Us
This page was processed by apollo8 in 0.297 seconds