Cybersecurity, Data Breaches, and the Economic Loss Doctrine

49 Pages Posted: 29 Jul 2015

See all articles by David W. Opderbeck

David W. Opderbeck

Seton Hall University - School of Law

Date Written: July 28, 2015

Abstract

Data breaches are pervasive and costly. Recent civil data breach cases have centered on the consumer credit card payment chain in the retail industry. An important issue in such cases is whether the economic loss doctrine should bar negligence claims for purely pecuniary losses suffered by a non-negligent party, such as an issuing bank or a federal credit union that must incur costs to reimburse cardholders for fraudulent use of stolen card numbers. The economic loss doctrine should not bar these claims. Large scale data networks, such as the consumer credit card network, often entail significant network externalities. These include externalities relating to market concentration as well as to the "weakest link" nature of security in these networks. Although the primary players in these networks are tied together in a complex web of contractual relationships, there are significant transaction costs involved with any effort to change or monitor another party’s security measures. Moreover, "outside" entities such as third party payment processors, which are not in contractual privity with all other parties in the network, have become ubiquitous. Under these circumstances, a negligence rule should help improve cybersecurity hygiene and promote a more robust cyber risk insurance market.

Keywords: cybersecurity, data breach, externalities, negligence, economic loss rule, economic loss doctrine

JEL Classification: D62, K00, K13, K21

Suggested Citation

Opderbeck, David W., Cybersecurity, Data Breaches, and the Economic Loss Doctrine (July 28, 2015). Seton Hall Public Law Research Paper No. 2015-05, Available at SSRN: https://ssrn.com/abstract=2636944 or http://dx.doi.org/10.2139/ssrn.2636944

David W. Opderbeck (Contact Author)

Seton Hall University - School of Law ( email )

One Newark Center
Newark, NJ 07102-5210
United States
973-642-8496 (Phone)

Here is the Coronavirus
related research on SSRN

Paper statistics

Downloads
203
Abstract Views
1,262
rank
166,937
PlumX Metrics