With the recent launch of cyber liability coverage in Australia comes inevitable questions about cyber liability in general. If your details have been compromised due to a cyber attack or a data breach, you may be wondering if you are entitled to compensation from the company that originally held your details in their databases. While it's a relatively new area of tort law, there are a number of points you should consider when weighing the merits of your case.
Was there a direct breach of your information?
Under Australian liability rules, if another entity harms you directly, they may be responsible for the costs you incurred as well as potentially pain and suffering. As a result, if a company directly stole your information and used it for their own benefit, you may have a case of cyber liability on your hand. For example, if you are a local celebrity and your medical clinic sold your information to a tabloid publication, that represents a direct breach in most cases.
Was there negligence involved?
In most cases, however, companies or organizations don't directly breach your personal information. However, they may be negligent. In a cyber case, negligence can take a range of forms. For example, if the company allowed employees who were not properly vetted to see your banking details or other information, that may be a sign of negligence. Similarly, if the company did not have cyber safety protocols in place, such as firewalls, encryption of transmitted information, password-protected databases and other basics, that may too be considered negligence.
Were you harmed because of the breach?
In most cases, just having someone access your information may not justify a liability suit. Rather, you need to have been harmed in some way. Did someone open credit cards in your name due to the breach? Were you harassed at your home and suffered emotional damage due to a breach of private information? Did you suffer other consequences? Think carefully about what personal and financial injuries you incurred and how they affected your ability to work, your livelihood and other factors.
Did you contribute to the negligence?
Australia has contributory negligence. This means that if you were partially responsible for the personal injury, the amount of your claim may be reduced. In the case of a cyber breach, the defendant may argue that you contributed to the negligence in a few ways. For example, if your information was protected with a password but you had the same password for every account you have or if you were prompted to change your password and never did, that could be considered contributory negligence.
Does your case overlap with an existing area of Australian tort law?
Although cyber liability is a relatively new arena of personal injury law, it is based on established tort law. If you suffered intentional damage to your economic interests or invasion of privacy, those are both areas of tort law where you are allowed some protection.
To learn more about cyber liability and whether or not you should bring a personal injury suit against a company that has stolen or allowed someone else to breach your information, you should contact a personal injury lawyer.