Mark Abramowitz Testifies Against Ohio Cybersecurity Safe Harbor Bill

Jun 28, 2018

DLC Associate Mark Abramowitz  testified in front of the Ohio House Judicial Committee on June 26, speaking about the detrimental effects that Ohio Senate Bill 220 (“S.B. 220”) could have on small businesses and consumers if enacted.

S.B. 220, also known as the Cybersecurity Safe Harbor Bill, aims to incentivize businesses to enact stronger cybersecurity measures to safeguard users’ data, but opponents of it say the bill in its current form will ultimately make consumers pay. Abramowitz’s testimony explained why.

“The safe harbor that S.B. 220 would provide would shift the cost of a company’s use of minimum criteria in safeguarding data to the individual consumers—who have no choice in what security measures the company chooses, how the company stores data, who the company provides that data to, and how long that company keeps their data.  The safe harbor is bad for companies, it’s bad for consumers, and thus, it’s bad for the State of Ohio,“ he said.

In addition, he argued that S.B. 220 will place an unreasonable burden on judges to determine fault when a company’s data is breached.

“Some may say that S.B. 220 would also limit the liability for companies because it would become increasingly difficult to sue them.  The problem with this logic is that it ignores patchwork, state-by-state legislation enacted regarding data breaches. Most data breaches affect consumers nationwide—such as the current litigation that my firm is co-leading against Equifax.” Abramowitz continued, “Those lawsuits are brought by consumers and small businesses on behalf of nationwide classes.  At the motion to dismiss stage, S.B. 220 would require judges in federal courts in different parts of the Country to decide whether a company “complied” with one of several different best practices—wading through hundreds of pages of technical documents—in order to address the issue at the motion to dismiss stage.”

Abramowitz addressed the Ohio Senate Government Oversight & Reform Committee on May 9 with similar remarks regarding the Cybersecurity Safe Harbor Bill. To see Mark’s full remarks in front of the Ohio House Judicial Committee, click here.

Comments are closed.