As we’ve previously discussed, companies are often sued by their customers and business partners after a data breach. Another increasingly common source of data-breach litigation comes from within: companies’ own employees. That’s because almost every business collects social security numbers, bank account information, and other sensitive personal information to […]
The North Carolina Business Court has issued several opinions this year that examine the contours of the “internal business affairs” doctrine. As we have explained in prior posts, North Carolina courts have recognized that internal business disputes are exempt from N.C. Gen. Stat. § 75-1.1 because they are not “in […]
The past year has seen several notable decisions concerning how choice-of-law regimes can affect the viability of a claim for violation of N.C. Gen. Stat. § 75-1.1. Today’s post involves another case on this topic. In Koch Foods, Inc. v. Pate Dawson Company, a federal district court assessed a claim […]
Section 5 of the Federal Trade Commission Act provides a powerful tool for the federal government to regulate companies’ data-security practices. Rather than adopt specific data-security standards, the FTC often uses Section 5’s flexible and open-ended concepts of unfairness and deception to bring enforcement actions against companies for data-security failures. […]