The Sedona Conference and its Working Group 11 on Data Security and Privacy Liability (WG11) are pleased to announce that The Sedona Conference Commentary on Quantifying Violations under U.S. Privacy Laws (“Commentary”) has been published for public comment. As data privacy receives more attention in the United States and elsewhere—and as new laws in the U.S. take shape and are enacted—WG11 recognizes that a consistent approach to quantifying violations under U.S. privacy laws could be helpful to impacted parties, courts, authorities, and practitioners, not to mention the general public. With various jurisdictions and enforcement authorities involved in current and future enforcement of such data privacy laws, however, consistency can be challenging to reach. With an eye towards consistency, WG11 hopes that this Commentary will be of use to stakeholders in reaching a fair interpretation of the meaning of a “per violation” measure of damages. The Commentary endeavors to provide a useful test courts can use to evaluate the meaning of a “per violation” measure of damages in the context of data privacy violations in a way that benefits consumers and provides deterrent value to regulators but is fair and provides due process to potential violators. |