What's Happening?
A class action lawsuit is being filed in the United States against Coupang, a Seattle-based company, following a data breach that compromised the personal information of over 33.7 million users. The lawsuit is spearheaded
by SJKP Law Firm, the U.S. branch of the Korean Daeryun Law Firm, and will be filed in a federal court in New York. Coupang, incorporated in Delaware and listed on the New York Stock Exchange, generates the majority of its revenue from the Korean market. The breach has prompted Coupang CEO Park Dae-jun to take responsibility, while Chairman Kim Bom, a U.S. citizen, has distanced himself from the incident. The lawsuit aims to address corporate governance failures and disclosure violations, differing from Korean legal actions that focus on consumer damages. The U.S. case will utilize the discovery process to obtain internal documents from Coupang, with approximately 200 plaintiffs from Korean lawsuits joining the U.S. action.
Why It's Important?
The lawsuit against Coupang highlights the increasing scrutiny on data protection and corporate governance in the U.S., especially for foreign companies listed on American exchanges. The case underscores the potential for significant financial repercussions, as punitive damages in the U.S. can be substantial if corporate negligence is proven. This legal action could set a precedent for how international companies are held accountable for data breaches affecting U.S. citizens. The outcome may influence how companies manage data security and transparency, impacting stakeholders, including investors and consumers, who demand higher standards of accountability and protection.
What's Next?
The lawsuit is expected to be officially filed by the end of the year, with more plaintiffs likely to join. The case will proceed independently from Korean lawsuits, focusing on corporate governance and disclosure obligations. If Coupang is found to have inadequate data protection measures or attempted to avoid responsibility, it could face punitive damages. The legal proceedings may take time, but they will be closely watched by stakeholders interested in data protection and corporate accountability. The case could prompt other companies to reassess their data security practices to avoid similar legal challenges.
