Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

NewsSections

Company Had No Duty to Encrypt Personal Information on Stolen Laptop

By Lisa J. Sotto and Aaron P. Simpson
April 19, 2006

A Minnesota district court recently found that a financial institution was not negligent for failing to encrypt personal information contained on a laptop computer that was stolen from an employee's home office. In Guin v. Brazos Higher Education Service Corp., the court dismissed the negligence action brought against a student loan provider by a customer. In granting the defendant's summary judgment motion, the court ruled that the company did not breach a duty of care under the Gramm-Leach-Bliley Act ('GLB') to customers whose unencrypted data may have been contained on the laptop.

The decision has significant implications for financial institutions regulated by GLB. Faced with the novel argument that a financial institution breached its statutory duty of care established by GLB when it failed to encrypt personal information in its databases, the court found that GLB contains no such requirement. In a narrow interpretation of GLB's requirement that companies 'protect the security and confidentiality of customers' nonpublic personal information,' the court held that GLB does not require companies to encrypt personal information contained on company laptops. For financial institutions that feared a judicial mandate to encrypt their customer data or risk noncompliance with GLB, the decision comes as welcome relief.

Read These Next
Why So Many Great Lawyers Stink at Business Development and What Law Firms Are Doing About It Image

Why is it that those who are best skilled at advocating for others are ill-equipped at advocating for their own skills and what to do about it?

Bankruptcy Sales: Finding a Diamond In the Rough Image

There is no efficient market for the sale of bankruptcy assets. Inefficient markets yield a transactional drag, potentially dampening the ability of debtors and trustees to maximize value for creditors. This article identifies ways in which investors may more easily discover bankruptcy asset sales.

The DOJ's Corporate Enforcement Policy: One Year Later Image

The DOJ's Criminal Division issued three declinations since the issuance of the revised CEP a year ago. Review of these cases gives insight into DOJ's implementation of the new policy in practice.

A Lawyer's System for Active Reading Image

Active reading comprises many daily tasks lawyers engage in, including highlighting, annotating, note taking, comparing and searching texts. It demands more than flipping or turning pages.

Blockchain Domains: New Developments for Brand Owners Image

Blockchain domain names offer decentralized alternatives to traditional DNS-based domain names, promising enhanced security, privacy and censorship resistance. However, these benefits come with significant challenges, particularly for brand owners seeking to protect their trademarks in these new digital spaces.