Quantifying violations under U.S. privacy laws

Thursday, March 19, 2020 - 11:45am to 1:00pm
Panel Description: 

Privacy laws allow for enforcement authorities and plaintiffs in private actions to seek damages based on a “violation” of the law. Quantifying these damages can be challenging because the laws do not define how a “violation” should be calculated. Is it limited to one violation of the law, or is there some other way to measure a violation? For example, should it be calculated by adding up the total number of consumers affected by the business’s conduct, adding up the number of statutory sections the business violated, or adding up the “per transaction” violations (e.g., each call, each scan)? A panel of WG11 drafting team members will lead a dialogue with all attendees on their draft Commentary, which draws from the interpretation of various privacy laws to suggest the meaning of a “per violation” measure of damages.


Sidley Austin LLP

Washington, DC, USA

Dialogue Leaders

Office of the Colorado Attorney General

Denver, CO, USA

Tousley Brain Stephens

Seattle, WA, USA

Pennsylvania Office of Attorney General

Philadelphia, PA, USA