Cyber crime is all over the news. Data breaches have become more prevalent as cyber criminals have become more sophisticated and aggressive. Even nation states are investing in offensive cyber weapons – in some cases, like Russia, these weapons are given to cyber criminals for their own use to wreak havoc. Here in California, we are subject to an estimated 6 million hacking attempts – per day!
A new trial attorney-sponsored bill, SB 1121 (Dodd), claims to have the solution to the hacking (everyone brace yourselves, this will shock you): more lawsuits. In response to this growing security threat, SB 1121 would drastically expand the civil liability of businesses that become victims of this crime.
Specifically, SB 1121 would impose a minimum of $200 to a maximum of $1000 in statutory damages on a business per consumer breach – without a showing of any harm. The awards of damages under this bill would be staggering – enough to put companies out of business. Of course, faced with such massive risk, companies would be leveraged into immediate settlement – regardless of the strength of their defense as to the reasonableness of their security measures.
And there’s more. If SB 1121 is adopted, people would be able sue companies for a breach even if they are not a customer – and even if they are not certain their data had actually been breached. This bill is so broad that it would ensnare companies of virtually any type and size – including non-profits.
Despite the massive implications of SB 1121, it made it through the Senate Judiciary Committee this week on a party line vote of 5-2. But this battle is far from over. SB 1121 is currently in the Senate Appropriations Committee – and it is not yet clear whether it will stay there for long. Next stop is the Senate Floor.
SB 1121 will not prevent cyber crime and it will not help victims of cyber crime. All it will do is make trial attorneys’ dreams come true.