Priya Patel
TLDR:
- Consumers can sue if personal data is released in a cyberattack
- Companies must notify customers within 30 days of a data breach
In the aftermath of a ransomware attack at Beaches Energy in Jacksonville Beach, Florida, consumers are exploring their legal options when personal data is compromised. A Jacksonville lawyer, Shannon Schott, explains the rights of citizens and the obligations of companies after a breach. Under the Florida Information Protect Act, both public and private businesses must notify customers within 30 days of a breach and disclose the extent of the breach. Companies that fail to do so may face fines.
Individuals can take legal action against companies like AT&T for data breaches, but must be able to demonstrate the negative impacts of the breach. Accepting free credit monitoring services may impact a victim’s legal case. Social media companies like Meta often have legal protections hidden in user agreements. Schott emphasizes the need for federal protections for consumer data, as legislators have placed the burden of data protection on individuals.
Consumers are advised to read contract fine print when sharing personal information, and business owners can seek financial settlements for data breaches that result in financial losses or reputational damage. Overall, the legal landscape surrounding data breaches is complex and requires careful consideration of individual rights and company responsibilities.
