Summary

Any substantial security breach creates the possibility of litigation.

Failures in cybersecurity, whether physical or electronic, set up a wide variety of litigation claims, depending on the circumstances. These can include negligence, the new tort of “intrusion upon seclusion,” breach of fiduciary duty, breach of the duty of good faith, breach of contract, and breach of statutory duty.

Cybersecurity litigation is complex. The successful prosecution or defence of a cybersecurity case requires counsel with experience in class actions, information technology, privacy law, fraud and white collar crime, insurance law and intellectual property. Given the exposure to investigations by public agencies and regulators, the legal team also needs a depth of expertise in public and administrative law.

BLG extensive experience in cybersecurity litigation is summarized under the representative work section of this page.

Publications & Presentations

Representative Work

BLG litigators act and have acted in some of the most notable cybersecurity cases in the country.

BLG is defending one of the first class actions brought under the “intrusion upon seclusion” breach of privacy tort. The case is likely to be precedent-setting, in what is considered by many observers to be the fastest-growing area for class actions. BLG represents a “Big Five” Bank being sued for the criminal actions of a rogue employee alleged to have breached the privacy of customers of the Bank, which included electronically stored information. The matter will be proceeding to a common issues trial, which will decide novel legal issues, including whether an employer can be vicariously liable for its employees’ breach of privacy.

BLG represented a financial services regulator named as a defendant in a class action regarding the loss of personal information contained on a portable computer. BLG was successful in obtaining the dismissal of the certification on the basis that the representative plaintiff suffered no compensable harm since his personal information was not used fraudulently.

BLG presented a major automobile financing company named as a defendant in a class action regarding the loss of personal information that was stored on a data tape which was lost during transit. BLG was successful in obtaining a dismissal of the certification of the class action on the basis that the representative plaintiff suffered no compensable harm since his personal information was not used fraudulently.

BLG represented a leading Internet search engine named as a defendant in a potential class action (now at the pre-certification stage) on behalf of persons whose electronic data was allegedly transmitted over unsecured wireless internet connection and whose personal information was allegedly intercepted.

BLG represented a New York-based broker-dealer prosecuting an action to obtain emergency injunctive relief against a computer network service provider which refused to provide it with administrative passwords necessary for it to access essential functions such as email and the ability to print.

BLG represented a major automobile financing company named as a defendant in a class action regarding the loss of personal information that was stored on a data tape which was lost during transit. The class action was certified on the basis that the representative plaintiff alleged that his personal information was used fraudulently.​

BLG represents numerous hospitals and healthcare institutions facing potential or actual claims relating to health care information, ranging from small individual breaches and large situations involving loss or theft of data storage devices.