Pub. 11 2021 Issue 3

12 AUTOMOBILE DEALER NEWS ILLINOIS illinoisdealers.com COUNSELOR’S CORNER W ith alarming frequency, we hear news of the latest data breach or privacy intrusion involving customer information. Indeed, as this article was going to print, reports surfaced of an OEM’s circulated memorandum to its franchised dealers advising them of a vendor data breach potentially affecting more than a reported 3.3 million customers and prospective car buyers 1 , causing the industry to once again take inventory of data security and privacy issues. According to the reports, along with public statements issued by the OEM, customer information was ostensibly collected for sales and marketing purposes by the OEM’s vendor and allegedly held in an unsecured electronic file which was compromised, impacting customers’ sensitive information related to vehicle purchases, loans and leases. Additionally, while the details of the breach are still developing, it’s been further reported that dealers that use a specific lead management program offered through the vendor may also be impacted. The OEM preliminarily reported that the customers’ potentially compromised data consisted of driver’s license numbers, and in some instances, dates of birth, Social Security numbers and account numbers, as well as email addresses and telephone numbers. So, what does this mean besides the possibility of litigation, potential liability, regulatory scrutiny and investigation and unsettled or unhappy customers? CUSTOMER DATA BREACH SECURITY — DEALERS SHOULD ENSURE DATA SECURITY COMPONENTS ARE IN PLACE AND ENFORCED IN EXISTING AND PROSPECTIVE VENDOR AGREEMENTS By Julie A. Cardosi, Law Office of Julie A. Cardosi, P.C.

RkJQdWJsaXNoZXIy MTIyNDg2OA==