Skip to main content

SHAUHIN TALESH, University of California, Irvine

  • When: February 22, 2017, 12 pm
  • Where: ABF Woods Conference Room, 750 N. Lake Shore Drive, 4th Floor, Lakeside, Chicago IL 60611

Calendar event Add this event to your calendar (Outlook, iCal, etc…)

Data Breach, Privacy, and Cyber Insurance: How Insurance Companies Act as “Compliance Managers” for Businesses

While data theft and cyber risk are some of the biggest threats facing organizations, existing research suggests that the majority of organizations do not have sufficient protections in place to prevent data breach events, deal with post-breach notification responsibilities, and comply with various privacy laws. This article explores how insurance companies play a critical and as yet, unrecognized role in assisting organizations in complying with privacy laws and dealing with cyber theft.  My analysis draws from and contributes to two literatures that examine organizational compliance with law in different ways:  new institutional organizational sociology studies of how organizations respond to legal regulation and socio-legal insurance scholars’ research on how institutions govern through risk.  Through participant observation at cyber liability insurance conferences, interviews, and content analysis of insurer loss prevention manuals and risk management services, my study bridges these two literatures and highlights how the insurance field acts as a compliance manager for organizations dealing with cyber security threats.  Well beyond pooling and transferring risk, insurance companies offer cyber insurance and a series of unique risk-management services that influence the form of compliance of organizations dealing with privacy laws. My data reveal that insurance institutions—and the risk management services that accompany cyber liability insurance—play an important role in shaping the way organizations deal with cyber threats and comply with privacy laws.

Data Breach, Privacy, and Cyber Insurance: How Insurance Companies Act as “Compliance Managers” for Businesses Paper

Shauhin Talesh is a Professor of Law at UC Irvine School of Law. He also has joint appointments in Sociology and Criminology, Law & Society, and is currently the Director of the Law and Graduate Studies Program at UCI. Talesh is an interdisciplinary scholar whose work spans law, sociology, and political science. His research interests include the empirical study of law and business organizations, dispute resolution, consumer protection, insurance, and the relationship between law and social inequality. Talesh’s scholarship has appeared in multiple law and peer-reviewed social science journals including Law and Society Review and Law & Social Inquiry. His work has won multiple awards. Prior to working at UC Irvine, Talesh graduated from UCI in 1996 with a degree in Criminology, Law & Society. He then went to law school and also obtained an LL.M in Insurance at the University of Connecticut and clerked for Justice Norcott of the Connecticut Supreme Court upon graduating. He then spent five years working as a business litigation attorney at Foley & Lardner LLP before pursuing his Ph.D at UC Berkeley’s Jurisprudence and Social Policy Program.

Courtesy of the University of California, Irvine 

« Return to ABF Research Seminars

Site design by Webitects

© 2023 American Bar Foundation (
750 North Lake Shore Drive
Chicago, IL 60611-4403
(312) 988-6500
Contact Us
Contact the Fellows
Media Contacts
Privacy policy
Any opinions, findings, and conclusions or recommendations expressed in ABF publications are those of the author(s) and do not necessarily reflect the views of the American Bar Foundation or the American Bar Association. The AMERICAN BAR FOUNDATION, ABF and related seal trademarks as used by the American Bar Foundation are owned by the American Bar Association and used under license.