Priya Patel
TLDR:
• Texas bill proposed by Senator Shane Reeves would make it harder for data breach victims to sue companies
• Bill focuses on cybersecurity practices and human error in relation to cyber attacks
Key Elements:
A proposed bill in Texas, Senate Bill 2018, aims to restrict victims of data breaches from launching class action lawsuits against companies that mishandled their sensitive data. The bill states that a private entity is not civilly liable unless the cybersecurity event was caused by wilful, wanton, or gross negligence on their part, making it harder for victims to seek justice.
In a hearing about the bill, Senator Shane Reeves highlighted the need to protect companies from facing costly lawsuits due to cyber attacks. The bill suggests a proactive approach to cybersecurity, acknowledging that cyber attacks may happen regardless of the company’s defense systems.
However, the bill raises concerns about the impact of human error on cybersecurity incidents. Studies suggest that a significant percentage of cyber attacks are caused by human mistakes, despite companies implementing security measures such as multi-factor authentication. The bill’s focus on “wilful, wanton, or gross negligence” as grounds for litigation may complicate legal proceedings in cases involving human error.
It is important to consider the balance between protecting companies from undue lawsuits and ensuring that victims of data breaches have avenues for seeking justice. The proposed bill reflects a complex landscape of cybersecurity and legal considerations that require careful deliberation and analysis.
Source: TechRadar Article
