The US Supreme Court to hear cases on the responsibility of the private sector regarding data breaches and hacking

17 Dec 2018

The US Supreme Court is scheduled to hear two cases related to a question as to whether consumers must suffer financial or physical harm before they may demand compensation for a data breach or for vulnerabilities in products allowing hacking. The first case, FCA US LLC, et al., v. Brian Flynn, et al. concerns the hacking vulnerability of Jeep Cherokee vehicles, specifically where the vehicle breaks were hacked through the entertainment system. In the second case,, Inc. v. Stevens, the online retailer suffered a malicious breach to its consumer database. In both cases no harm ensued to the consumers. Upon the decision of these cases, the verdict of the US Supreme Court would reshape the responsibility of the private sector over the security of internet connected products that could potentially endanger customers’ wellbeing or privacy.

Explore the issues

Jurisdiction is the authority of the court and state organs to decide on legal cases. The relationship between jurisdiction and the Internet has been ambiguous, since jurisdiction rests predominantly on the geographical division of the globe into national territories. Each state has the sovereign right to exercise jurisdiction over its territory.


The GIP Digital Watch observatory is provided by



and members of the GIP Steering Committee


GIP Digital Watch is operated by

Scroll to Top