文章基本信息

标题：Cybersecurity, Data Breaches, and the Economic Loss Doctrine in the Payment Card Industry
本地全文：下载
作者：Opderbeck, David W.
期刊名称：Maryland Law Review
印刷版ISSN：0025-4282
出版年度：2016
卷号：75
期号：4
页码：935
出版社：University of Maryland Francis King Carey School of Law
摘要：Data breaches are pervasive and costly. Recent civil data breach cases have centered on the consumer credit card payment chain in the retail industry. An important issue in such cases is whether the economic loss doctrine should bar negligence claims for purely pecuniary losses suffered by a non-negligent party, such as an issuing bank or a federal credit union that must incur costs to reimburse cardholders for the fraudulent use of stolen card numbers. The economic loss doctrine should not bar these claims. Large-scale data networks, such as consumer credit card networks, often entail significant network externalities. These include externalities relating to market concentration as well as to the “weakest link” nature of security in these networks. Although the primary players in these networks are tied together in a complex web of contractual relationships, there are significant transaction costs involved with any effort to change or monitor another party’s security measures. Moreover, “outside” entities such as third-party payment processors, which are not in contractual privity with all other parties in the network, have become ubiquitous. Under these circumstances, a negligence rule should help improve cybersecurity hygiene and promote a more robust cyber risk insurance market.
关键词：data networks security; credit card security