Facebook Settlements – Cyber and D&O Liability Implications
On July 24 the Federal Trade Commission fined Facebook $5 billion for violating consumers’ privacy. (Although this was the largest penalty of its kind ever imposed, two Democrats on the FTC said it didn’t go far enough.) At the same time the Securities and Exchange Commission announced a $100 million settlement with Facebook of allegations of misleading investors about misuse of their user data. Facebook is still facing European investigations of possible GDPR violations, and a class action lawsuit arising from Cambridge Analytica’s misuse of their data.
While Facebook may consider these settlements as part of their cost of doing business, smaller companies are also at risk for privacy breaches and violations. The FTC, SEC and other regulators will not limit their actions to large corporations. Private companies may not have to contend with shareholder suits, but consumers will hold them accountable for data breaches and privacy violations.
In addition to ensuring that officers and directors properly manage their data, any company of any size needs insurance to cover actual or alleged privacy violations. This includes Cyber insurance to cover security and privacy liability, breach notification costs and regulatory fines and penalties. Private as well as public companies need protection from suits by consumers and regulators. Because Cyber and Directors and Officers Liability policies can be complicated and may include significant restrictions of coverage, before buying insurance have a Beacon adviser review your policies.