Ryan Baker was quoted in a Legaltech News April 7th story about retailer FatFace asking affected customers in a ransomware attack earlier this year to keep the matter confidential. Baker said such a request has no legal “teeth and if anything, it attracted attention. I don’t see any upside.”
The downsides – the action is not an enforceable contract, increased attention, customers complaining to regulators – make it unlikely other companies will follow FatFace’s lead, said Baker who has considerable experience counseling companies in data breach situations.
“Under the current legal structure and the current applicable statutes and civil law, I can’t imagine other companies embracing this,” Baker said. “Practically speaking, this is not something that is working for FatFace, but if all FatFace wanted was to get in the news, it got in the news.”
FatFace, a British clothing retailer, detected the security breach in January and notified customers in March.
In 2021, Baker Marquart became Waymaker. Information on this website reflects results obtained by Baker Marquart. Please click here to learn more about our name change.