Data Vu: Why Breaches Involve the Same Stories Again and Again

Scientific American (July 2022)

5 Pages Posted: 19 Jan 2023

See all articles by Daniel J. Solove

Daniel J. Solove

George Washington University Law School

Woodrow Hartzog

Boston University School of Law; Stanford Law School Center for Internet and Society

Date Written: July 26, 2022

Abstract

This short essay discusses why data security law fails to effectively combat data breaches, which continue to increase. With a few exceptions, current laws about data security do not look too far beyond the blast radius of the most data breaches. Only so much marginal benefit can be had by increasing fines to breached entities. Instead, the law should target a broader set of risky actors, such as producers of insecure software and ad networks that facilitate the distribution of malware. Organizations that have breaches almost always could have done better, but there’s only so much marginal benefit from beating them up. Laws could focus on holding other actors more accountable, so responsibility is more aptly distributed.

Keywords: data breach, data security

Suggested Citation

Solove, Daniel J. and Hartzog, Woodrow, Data Vu: Why Breaches Involve the Same Stories Again and Again (July 26, 2022). Scientific American (July 2022), Available at SSRN: https://ssrn.com/abstract=4326723

Daniel J. Solove (Contact Author)

George Washington University Law School ( email )

2000 H Street, N.W.
Washington, DC 20052
United States
202-994-9514 (Phone)

HOME PAGE: http://danielsolove.com

Woodrow Hartzog

Boston University School of Law ( email )

765 Commonwealth Avenue
Boston, MA 02215
United States

HOME PAGE: http://https://www.bu.edu/law/profile/woodrow-hartzog/

Stanford Law School Center for Internet and Society ( email )

Palo Alto, CA
United States

HOME PAGE: http://cyberlaw.stanford.edu/profile/woodrow-hartzog

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
68
Abstract Views
358
Rank
498,611
PlumX Metrics