A plaintiff is arguing that he has endured years of harassing phone calls. This after a 2017 data breach at Dell exposed his information.
In 2017, a data breach exposed the personal information of about 7,000 customers. Now, a lawsuit has been filed against Dell in response.
The lawsuit is being filed in Nova Scotia. A plaintiff is arguing that he has endured years of harassing phone calls and e-mails from scammers. The source of the problem is allegedly the 2017 breach where a malicious third party made off with personal information of a number of customers. From Global:
In response to Wednesday’s announcement of the suit, filed Oct. 1, Dell issued an emailed statement saying it “places the highest priority on the protection of customer data.”
“The Office of the Privacy Commissioner’s related investigation found that we improved our ‘security safeguards along with (our) complaint handling and breach investigation practices.’ ”
According to the suit, which hasn’t been certified as a class action, its proposed representative plaintiff suffered through years of inconvenience and anxiety as a consequence of the breach, which occurred at a call centre in India that provided customer support services for Dell.
It says Dell tech support collected and stored information about the plaintiff, including service history, warranty information and model numbers as well as personal information, after he sought assistance with his computer.
It says he began to get harassing calls from individuals claiming to be Dell employees, starting in January 2018.
After taking steps to get Dell to deal with the problem to his satisfaction, the man filed a complaint in February 2018 with the federal Office of the Privacy Commissioner.
the article goes on to say that the privacy commissioner thinks that the claims made in the lawsuit is well-founded. The lawsuit says that the plaintiff has received 5 to 10 scam calls every day, 7 days a week at all hours.
If anything, this story highlights what can happen to people who become a victim of a data breach. So often, we see headlines of how many people are impacted, but actual personal impacts are rarely seen. Sometimes, the end result is getting a year of credit monitoring and that is all the victim sees out of it all. Other times, the consequences are much more serious as we can see here.
If you are from, say, the United States or Europe, you might think that regulators would easily issue fines against the companies in question. The problem is, Canada doesn’t really have regulators with the authority to levy fines for data breaches. At most, Canadian privacy commissioners can write strongly worded letters or issue comments about a situation. If penalties are to be handed out, it has to be outside of the commissioners office and in the courts. In the wake of other jurisdictions tightening privacy laws to keep up with a reality where personal information isn’t stored in a filing cabinet, Canadian privacy laws have withered into a bit of a laughing stock.
The Canadian government has made efforts to reform privacy laws already. That would be through the Consumer Privacy Protection Act, unfortunately, there are huge exceptions that seem to help companies skirt the fining power being granted. Whats more is that political parties are fully exempt. Even worse is the fact that the law is simply in the proposal stages – not an actual law.
So, for the time being, if Canadians affected by this breach are hoping for compensation, a proposed class action lawsuit is about as good as it is going to get.
Drew Wilson on Twitter: @icecube85 and Facebook.