Recent Data Breaches Spark Debate Over 'Reasonable' Notification Rules

Stateline: When Pennsylvania sued Uber last week for waiting more than a year to alert drivers and customers that their personal information had been hacked, the state’s attorney general argued that the ride-hailing company had violated a state law mandating that companies notify people affected by a data breach “without unreasonable delay.”

“Uber hid the incident for over a year, and actually paid the hackers to delete the data and stay quiet,” Attorney General Josh Shapiro said in a statement.

Read article