Proposed Nebraska Law Would Limit Certain Types of Liability For Data Breaches
A proposed Nebraska law would disallow ordinary negligence-based class action lawsuits against private entities that suffer cybersecurity events resulting in the compromise of nonpublic information or misuse of information systems. Although the new law would provide business organizations with an important tool to defend against certain types of liability, other avenues are still available to consumers seeking to hold businesses responsible for not adequately protecting their data.
Under the proposed law, Nebraska residents could base state law data breach class actions against private entities only on claims of willful, wanton, or gross negligence. Nebraska residents would also still be able to sue a private entity for data breaches under federal law. The proposed law also would still allow class action lawsuits against public entities like Nebraska cities and counties – those entities would still be liable for all types of state law negligence claims. Additionally, consumers in other states would still be allowed to sue for data breaches regardless of the type of negligence alleged or whether the defendant is a public or private entity. Business organizations with a large consumer base in Nebraska should take steps to protect their data in order to take advantage of this potential defense should a data breach occur.
Attorneys from McDonald Hopkins’ national data privacy and cybersecurity practice group will continue to monitor and report on recent data security law developments.