New Liability for Hacked Companies

What corporations are adding to their sites' boilerplate.
Advertisement

Companies could soon be required to inform their customers when information such as credit card or Social Security numbers is hacked. Today most businesses are under no legal obligation to alert customers when data is compromised -- and experts believe that the occurrence of security breakdowns is wildly underreported. Last year, however, California became the first state to mandate full disclosure after a hacker made off with personnel and financial information for some 265,000 state employees.

Democratic Sen. Dianne Feinstein introduced a federal version of her state's law last June. It would impose stiff penalties on companies that "keep mum about security breaches, either for fear of bad publicity or liability," says Lee Tien, of the Electronic Frontier Foundation, a nonprofit that specializes in consumers' online rights. One defensive tactic: Corporations like Verizon and American Airlines are adding language to their online terms and conditions that asks customers to waive their right to sue if their personal information is breached.

Last updated: Jun 1, 2004

DARREN DAHL

Darren Dahl is a contributing editor at Inc. magazine, which he has written for since 2004. He also works as a collaborative writer and editor and has partnered with several high-profile authors. Dahl lives in Asheville, North Carolina.




Register on Inc.com today to get full access to:
All articles  |  Magazine archives | Livestream events | Comments
EMAIL
PASSWORD
EMAIL
FIRST NAME
LAST NAME
EMAIL
PASSWORD

Or sign up using: