We use cookies to provide some features and experiences in QOSHE

More information  .  Close
Aa Aa Aa
- A +

Data breach class actions are the least of Uber’s problems

13 2 0
25.11.2017

On Tuesday, Uber’s new CEO, Dara Khosrowshahi, disclosed that in late 2016, hackers got hold of personal data belonging to 57 million Uber drivers and riders. Uber did not report the incident to riders or drivers when it occurred, Khosrowshahi said. The company paid the hackers $100,000 in exchange for their assurances the stolen data would be destroyed.

“None of this should have happened, and I will not make excuses for it,” Khosrowshahi said in his blog post about the breach.

Those are the sort of words that set class action plaintiffs’ lawyers’ hearts racing. Predictably, within hours of Uber’s announcement, Uber was hit with a class action claiming its drivers and passengers are at risk of fraud and identity theft as a result of the company’s negligence. The suit was filed in federal court in Los Angeles by the Wilshire Law Firm, which bills itself as a specialist in personal injury litigation.

Uber will undoubtedly reap ill consequences from its admitted mishandling of the 2016 hack. Regulators around the world are already investigating whether the company violated consumer protection laws that, in many instances, require disclosure of data breaches. Drivers and riders may decide to bail on the embattled company if they don’t trust Uber to keep their personal information secure.

But however bad the optics of the breach and Uber’s initial response to it, the company probably does not face crippling exposure in a data breach class action, according to two prominent data breach plaintiffs' lawyers I interviewed on Wednesday.

ARBITRATION CLAUSE TO THE RESCUE

In part, that’s because Uber may be able to squelch cases at the outset because of a clause in its contracts........

© Japan Today