The Court hearing the Target data security breach litigation issued a ruling on December 2, 2014, largely denying Target’s motion to dismiss the Consolidated Amended Class Action Complaint in the Financial Institutions Cases.  In his decision, Judge Magnuson found that Target owed the issuer banks a duty to protect customer data from hackers, a determination that was based on allegations that Target played a “key role” in allowing the break-in to occur by intentionally disabling one of the security features that would have prevented the harm.  Decision at 5.  At issue in the case is whether Target should be held responsible for the costs incurred by the issuer banks as a result of fraudulent charges and to replace customers’ credit and debit cards.

The importance of the decision is that it provides banks with a legal basis to seek to hold merchants financially responsible for the costs of data breaches if the facts suggest the merchants’ data security systems were deficient.

Of course, this is just the first round in the litigation and the banks will still need to prove their case before imposing liability on Target.  That said, this decision is surely a sign of things to come and we will continue to mind the store and report on developments.

Posted in Data Breaches
Tags: credit card, data breach litigation, e-commerce
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Margaret A. Dale Margaret A. Dale

Margaret Dale is a seasoned trial lawyer and first-chair litigator handling complex business disputes across a wide variety of industries and sectors, including consumer products, media and entertainment, financial services, telecommunications and technology, and higher education. A former vice-chair of the Litigation Department…

Margaret Dale is a seasoned trial lawyer and first-chair litigator handling complex business disputes across a wide variety of industries and sectors, including consumer products, media and entertainment, financial services, telecommunications and technology, and higher education. A former vice-chair of the Litigation Department, she has been recognized since 2017 in Benchmark Litigation’s Top 250 Women in Litigation.

Margaret’s practice covers the spectrum of complex commercial disputes, including matters involving contracts, bankruptcy and insolvency, securities, corporate governance, asset management, M&A, intellectual property, and privacy and data security.

Margaret regularly counsels clients before litigation commences to assess risk, develop strategies to minimize or avoid disputes, and resolve matters outside of the courtroom.

Margaret is a frequent writer, including authoring the chapter titled “Privileges” in the treatise Commercial Litigation in New York State Courts (Haig, 5th ed.), the chapter titled “Data Breach Litigation” in PLI’s Proskauer on Privacy, and the chapter titled “Perfecting the Appeal” in PLI’s Principles of Appellate Litigation. She also serves as the lead editor of Proskauer’s blog on commercial litigation, Minding Your Business Litigation. For over 10 years, Margaret co-authored a regular column on corporate and securities law in the New York Law Journal.

Margaret maintains an active pro bono practice advocating on issues relating to reproductive rights, women, children, and veterans. She serves on the Board of Directors of CFR (Center for Family Representation), VLA (Volunteer Lawyers for the Arts), and the City Bar Fund.

Read more about Margaret A. Dale
Show more Show less
Related Posts
The PowerSchool Breach: A Privacy Lesson on Third-Party Risk Exposure
March 31, 2025
Standing to Sue: Is Theft of Drivers’ License Numbers Sufficient to Allege Imminent Threat of Future Harm?
December 16, 2022
Travelling outside the EU: French Data Protection Authority Publishes a Checklist to Secure Phones and Laptops
December 16, 2022