Dismissing Hannaford Lawsuits, Federal Judge Tells Consumers: Show Me The (Lost) Money
Written by Evan Schuman and Fred J. AunSimilar to rulings from cases fellow data-breach retail victim TJX, Hornby said he couldn't allow almost any of the defendants to continue with the case because the consumers hadn't suffered out-of-pocket financial losses. In an ironic sense, this all stems from the card brands' zero liability programs. Those programs guarantee that consumers will have all fraud losses wiped clean. (The one defendant who can continue is a consumer whose fraud loss costs—for reasons unknown—were not covered by her bank.) It's ironic because the programs to created to make consumers feel safer about their payment security. Today, that program is preventing consumers from successfully suing retailers that mishandle their data, which in turn makes it more difficult for retailers to justify spending more than the minimum on data security.
This Story Is Only Available For Premium Subscribers. Click Or Login In Below To Read The Rest Of This Story.
Pages: 1 2
4 Comments | Read Dismissing Hannaford Lawsuits, Federal Judge Tells Consumers: Show Me The (Lost) Money
Leave a Reply
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
-Ed
May 13th, 2009 at 6:20 pm
What jerks! It takes a peculiar attitude indeed to try to sue for what was an accident, and one that in all but one of these cases had already been compensated! Hannaford did an excellent job (contrast with Exxon in the oil spill 20 years ago) of trying to limit harm and inconvenience to its customers. Those whose suits were dismissed should be held up to public ridicule and berated for their greed.
May 14th, 2009 at 10:41 am
The real issue here is not a data breach at a retailer, it is the use of old technology, the magnetic stripe, that is so easy to clone. It is stored in the clear on the card holder’s magnetic stripe. The card brands and the card issuers are not working to change the payment technology and are requiring the merchants to pay for the security of the card data. As long as the card brands and issuers can get someone else to pay for securing the data, and take the blame when the data is stolen, then they will never move to make payments more secure.
The PCI DSS is meant to mitigate risk of compromise, not eliminate it. Therefore, it should not be a surprise when there is a breach. Just think how many more breaches there would be if there was now standard in place and if retailers were not at least trying to make an effort to secure the data.
When breaches happen, the outrage should be toward the card issues instead of the merchants, it is nearly impossible to secure data that starts off in the public domain.
May 14th, 2009 at 1:21 pm
Simply because a business becomes PCI certified does not mean security ends there. There are other precautions to take that go above and beyond that must become daily routine. Many companies jump through the hoops for certification, then think that all is well. Until disaster strikes. Like any long-lasting positive measure, consistency is key. There are no shortcuts for merchants, so stay on your toes guys!
May 14th, 2009 at 8:43 pm
In the end, the consumer pays for it. Increase rates and fees, or lost time and credit issues, or increased prices to pay for something that may or may not work. The entire thing is a house of cards.
Grins,
RW