Measure of Damages for Violation of Property Rules: Breach of Confidentiality

Abstract

Interests in data are often split between a source, who needs confidentiality in order to plan transactions, and a gatherer, which prices efficiently by maximizing its data usage. Property/liability rule theory suggests that, when data protected by a confidentiality rule is taken, the source should generally be protected by a property rule against a taking by the gatherer. Different gatherer-source relationships have different investment incentives. Data in a fiduciary relationship, such as lawyer-client, should receive more protection than in an arms' length relationship, as with a consumer website. Property rule damages are a bump-up above liability rule damages. The latter include restitution for data value plus payment of proximate cause damages, such as emotional distress, reputation loss and cost of protecting against future takings. A property rule would include (1) liability rule damages plus (2) disgorgement of the taker's monetary profits and malicious gain, minus (3) any overlap between disgorgement and restitution damages. Liability and property rules must be adjusted to correct for error in determining damages and liability and for enforcement costs. A property rule providing for a single level of damages cannot perfectly deter high- and low-valuing takers simultaneously. Current doctrinal law is chaotic and underdeters large-scale intentional takings of low-value database data.