Those affected by data breaches now have increasing opportunities to take their claims to court. Last month, in northern California’s federal district court, Judge Lucy Koh upheld the right of victims to sue Yahoo for massive breaches between 2013 and 2016.
Merritt is an expert in emerging technology and cybersecurity. Merritt has experience in all three branches of government, most recently in the Department of Homeland Security where she worked in the Office of Cybersecurity & Communications, often termed the United States’ “cyber firehouse.” Before joining the government, Merritt started a business advisory / legal practice, working with emerging tech companies at early stages of growth. Merritt speaks regularly on emerging areas including the future of the Internet, artificial intelligence and robots, current cybersecurity issues in 5G, cloud, mobile, IoT and ICS, corporate interactions with government cyber, women in tech, entrepreneurism and innovation. Her insights on business strategy and tech have been published in Forbes, The Baltimore Sun, The Daily Beast, Talking Points Memo and ThinkProgress. She continues to publish academic articles on Internet questions, and her work has appeared in the journals of Temple, Georgetown, Santa Clara, and the University of Virginia. Merritt is a graduate of Harvard Law School and Harvard College. She is admitted to the Bars of New York, the United States Court of Appeals for the Armed Forces, and the United States Supreme Court. Based in Washington, DC, she is a Fellow at the East-West Institute, founder of women’s tech advocacy group Tech & Roses, Adjunct Professor of Cybersecurity at the University of Maryland, and an amateur boxer.
Subscribe to this Lawfare contributor via RSS.
Last week, credit reporting outlet Equifax disclosed that they were subject to a massive hack of personally identifiable information that may have compromised the data of as many as 143 million Americans. Unlike many other high-profile data breaches, many of the individuals affected might not have ever used Equifax, viewed or consented to their data retention policies.
Last year, the Republican National Committee hired a firm called Deep Root Analytics to collect voter information. The firm accidentally exposed approximately 198 million personal voter records. This was 1.1 terabytes of personal information that the company left on a cloud server without password protection for two weeks.
On June 21 of this year, victims filed a class action in Florida court against Deep Root Analytics for harm resulting from a data breach.