Publication Date
2016
Abstract
In a world where vast amounts of personal information
are obtained and stored by countless organizations and
businesses in the public and private sector, data breaches,
due to negligence or nefarious hacking, are a far too
common occurrence. The results of a data breach can be
serious and widespread, from public humiliation to
identity theft and national security crises. In an effort to
protect consumers from the potentially devastating effects
of data breaches, the Federal Trade Commission has
begun to take enforcement action against businesses whose
data security practices are alleged to be unfair and
deceptive. Theoretically, states can take similar actions
under their "Little FTC Acts" or data breach notification
laws.
This Note argues that Georgia's "Little FTC Act," the
Fair Business Practices Act, and data breach notification
law, the Georgia PersonalIdentity ProtectionAct, provide
insufficient protection from data breaches for Georgia
consumers and insufficient recourse for those harmed by
breaches. This Note also proposes several changes in
Georgia's statutory scheme that would incentivize
organizations to implement stronger data security
measures and provide better remedies for injured
consumers.
Recommended Citation
McMichael, Maggie L.
(2016)
"Cybersecurity on My Mind: Protecting Georgia Consumers from Data Breaches,"
Georgia Law Review: Vol. 51:
No.
1, Article 6.
Available at:
https://digitalcommons.law.uga.edu/glr/vol51/iss1/6
Included in
Computer Law Commons, Consumer Protection Law Commons, Internet Law Commons, State and Local Government Law Commons