Is there any kind of legal standard of liability when a victim of a data breach suffers from someone exploiting their data? If you are only breached once, obviously it’s easy to point the finger to whoever leaked your data.

But I’ve been hit 3 times now. So all those shitty corps who sloppily handled my data can point the finger to each other. Would a court say the most recent sloppy custodian is responsible if my data is used against me? Or would it be the most reckless custodian? Or would it be equal blame? Or does everyone get off the hook when a victim cannot prove which leak leads to an exploit?

It’s a hypothetical question. Not saying my data was exploited after the breaches, but I wonder about the overall trend. What I’m getting at is there may be little incentive to actually invest in good data security because when a breach happens amid so many other breaches there is perhaps a diffusion responsibility.

    • atrielienz@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      That’s not what I meant. I was specifically talking in the legal context because in America we have so few privacy protections for things like this.