Privacy & Data Security
The collection, storage, use, and disclosure of consumer data are hot
topics in the legal, regulatory, and legislative communities. In addition to
the types of data that may be particularly sensitive and/or targeted by hackers
(e.g., credit card information, health data), many organizations collect
consumer data to better understand and connect with customers (e.g., demographic
information, consumer preferences). However, the ever-changing ways in which data
are collected and used present significant challenges with respect to how
organizations develop and adhere to their respective privacy policies, and the
limitations of customer consent. Moreover, the collection and use of data sets
the stage for unauthorized individuals to access information through
cyberattacks and misuse that data to harm both the entities that legitimately
collect data as well as their customers.
State and federal laws in the U.S. (and other authorities overseas) govern the maintenance and use of data by the companies that collect them to protect the privacy interests of individuals. The use and potential misuse of data by both authorized parties and outside actors may lead to investigations
and claims of statutory violations, negligence, invasion of privacy, misappropriation of personal information, and infliction of emotional distress.
How Analysis Group can help
When such disputes arise, it is often difficult for courts to assess liability and damages related to misuse of consumer data, publicity/privacy rights, and data breaches. In such matters, the ability to analyze and interpret a wide variety of complex data is often critical. Analysis Group is at the forefront
of using the latest quantitative methods and tools to analyze and interpret complex data sets. Our experts can assist with addressing such challenging questions as:
- Did the organization’s use of consumer data constitute a “misuse,” and were all consumers’ data similarly misused?
- Did the organization apply reasonable safeguards to protect consumer data?
- Is there a causal relationship between the misuse, disclosure, or theft of consumer data and any potential subsequent harm to individuals?
- How do consumers value the data that were alleged to have been misused, disclosed, or breached?
We assist clients in finding answers to these questions through a number of analyses, including:
- Quantifying the costs of a breach (or potential breach) to an organization
- Determining the number of alleged violations that meet the requirements for statutory damages
- Defining and measuring consumer harm in a litigation context
- Evaluating the appropriateness of class certification regarding the alleged misuse or misappropriation of personal information
- Assessing the economic impact of liability and damages arguments
- Quantifying the value of personal data
- Determining the reasonable level of investment in data security resources and infrastructure