|
Abstract: Many companies enter bankruptcy seeking to sell their assets, including customer data. Although the sale of customer data can be lucrative, it may also violate the company’s own privacy policy, in addition to state and federal law.
To address problems regarding the sale of customer data in bankruptcy, Congress amended the Bankruptcy Code in 2005 to provide for the appointment of a “consumer privacy ombudsman” (CPO) in certain instances. The role of the CPO has been scrutinized, criticized, questioned, and debated ever since. Largely missing from this discussion, however, is a critical examination of who the CPO is or should be. This gap in the literature matters: existing research suggests that the identity of the CPO, and the expertise that he or she possesses, is incredibly important, both because little guidance exists in the Bankruptcy Code for CPOs, and because CPOs can play a critical role in protecting customer data and privacy interests in a bankruptcy case.
This Article begins to fill that gap. It discusses the identities and qualifications of CPOs in significant cases involving the sale of customer data and makes suggestions to ensure the appointment of a CPO who is disinterested yet qualified to both fulfill the purpose of the Bankruptcy Code and to protect consumer privacy interests.
This Article argues that the appointment of a qualified CPO is critical to the proper functioning of the Bankruptcy Code and crucial for the protection of customer data. Although much work remains to be done to protect customer data and privacy interests in a bankruptcy case, devoting resources to the development of expert CPOs is a critical step toward this goal.
|