Negligent Entrustment Liability for Outsourced Data

Journal of Internet Law, Vol. 10, No. 10, p. 3, April 2007

Suffolk University Law School Research Paper No. 07-19

10 Pages Posted: 7 Mar 2007

See all articles by Michael L. Rustad

Michael L. Rustad

Suffolk University Law School

Thomas H. Koenig

Northeastern University

Abstract

American financial services companies, health care facilities, and software producers are increasingly outsourcing data handling to low wage nations. Companies electronically transmit the personally identifiable information of millions of Americans to back office operations (BPOs) located in countries such as India, China, the Philippines, and Russia. Companies can easily delegate non-core operations to an offshore data hub, but it is unlikely that these firms will be permitted to outsource their legal responsibility for reasonable data security. American companies are vulnerable to being held jointly and severally liable for transmitting data to insecure back office operations under a theory of negligent entrustment. This article explores the potential liability of data handlers for negligent entrustment of outsourced data.

Keywords: tort liability, negligence, damages, international business transactions, information security, negligent entrustment

Suggested Citation

Rustad, Michael L. and Koenig, Thomas H., Negligent Entrustment Liability for Outsourced Data. Journal of Internet Law, Vol. 10, No. 10, p. 3, April 2007, Suffolk University Law School Research Paper No. 07-19 , Available at SSRN: https://ssrn.com/abstract=967343

Michael L. Rustad (Contact Author)

Suffolk University Law School ( email )

120 Tremont Street
Boston, MA 02108-4977
United States

Thomas H. Koenig

Northeastern University ( email )

220 B RP
Boston, MA 02115
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
352
Abstract Views
2,954
rank
103,833
PlumX Metrics