Feeds:
Posts
Comments

Posts Tagged ‘privacy class action’

My firm, BakerHostetler, has recently released two excellent resources for those interested in recent trends in the areas of class actions and data privacy (including, of course, recent trends in data privacy class actions!).

The 2016 Class Action Year-End Review summarizes trends in class action procedure generally and recent developments in a variety of different subject matter areas.

The  2017 Data Security Incident Response Report “highlights the critical need for senior executives in all industries to understand and be ready to tackle the legal and business risks associated with cyberthreats and to have enterprisewide tactics in place to address intrusions before they happen.”  See Full Explanatory Article Here.  In addition to other useful content, the report includes statistic on trends in class actions arising out of large data breach incidents.

Be sure to check both of them out.

 

 

Read Full Post »

I’ll be speaking at a data breach and privacy litigation conference on February 11, 2016 at the Julia Morgan Ballroom, 465 California Street, San Francisco.  The program is sponsored by HB Litigation Conferences and features an all-star faculty (present company excluded) of plaintiffs’ and defense litigators, insurers, settlement administrators, coverage lawyers, and other key stakeholders in this exciting and emerging area of the law.  For more information about this can’t-miss program, see the link below.  Hope to see you there!

http://hblc.litigationconferences.com/data-breach-privacy-litigation-request-agenda-2016-0?utm_referrer=http%3A%2F%2Flitigationconferences.com%2F35252%2F

 

Read Full Post »

Yesterday, U.S. District Judge Paul Magnuson issued an order granting certification in the consolidated MDL proceeding brought on behalf of issuing banks claiming damages resulting from Target’s 2013 payment card hacking incident.  Click Here for a copy of the order.  The BakerHostetler Class Action Lawsuit Defense Blog will feature a more detailed write-up on the decision soon.

In the way of initial reaction, I don’t think the decision will be impactful in cases outside the specific context of issuing bank class actions against retailers in payment card breach cases because of unique issues having to do with common injury and causation of loss.  In particular, in evaluating whether variations in injury and causation should prevent certification, Judge Magnuson distinguished the issuing bank case from the class actions brought on behalf of individual consumers arising from the same breach.  Judge Magnuson observed that while the injuries alleged by consumers are largely potential future injuries that may or may not occur, the banks claimed to have already suffered concrete injuries in the form of the cost of reissuing cards to customers.  Thus, he reasoned that the any individualized issues regarding causation and injury were not present with regard to the financial institutions’ claims, and any issues regarding variations in the amount of damages did not prevent class certification.  This distinction means that the decision will be of limited value to plaintiffs in consumer data breach class actions.

Read Full Post »

Anyone still checking this site will have noticed a complete lack of new content lately, which is mostly the result of pure laziness on my part but partially due to the demands of several other writing projects I’ve been working on.  I’m pleased to announce that one of these articles it out, and the folks at Practical Law the Journal have graciously given permission for me to post a reprint here.  Click the following link to view the article, entitled Key Issues in Data Breach Litigation, which is featured in the October 2014 issue.  Please be sure to visit the Practical Law website to learn how to subscribe to more great content on timely legal topics.

Also, speaking of data privacy litigation, I’ll be part of a panel presenting on the topic at the ABA Institute on Class Actions next week in Chicago.  It’s not too late to register.

Read Full Post »

Data breach cases are popular targets for class actions these days because a single incident of hacking or theft can expose the sensitive personal or financial information of millions of people at a time.  However, a key hurdle in these cases has been proof of harm sufficient to satisfy the Article III injury-in-fact standard for cases filed in the federal courts (or in state courts that apply a similar injury-in-fact standard).  Recently, plaintiffs have been attempting to get around the standing problem by alleging that they had to incur credit monitoring fees or other out-of-pocket expenses due to a fear of identity theft.

Shannon Tan, associate corporate counsel for Raymond James Financial, Inc., in St. Petersburg, FL, recently authored an insightful article for the IAPP newsletter The Privacy Advisor, titled Supreme Court Wiretap Ruling Upholds Stringent Standing-To-Sue Requirements.  Tan’s article discusses the potential impact of the Supreme Court’s decision in Clapper v. Amnesty International USA on the question of Article III standing in civil data breach cases.  Tan points out that while Clapper is case involving alleged wiretapping by the government, it is likely to make it more difficult for plaintiffs to meet the Article III standing requirements in civil data breach cases because data breaches often don’t result in any immediate harm but only a threat of potential future harm.  A threat of harm must be “certainly impending” to satisfy the Article III standard set forth in Clapper.  This issue is exacerbated in the class action context, because even if some members of the class can prove actual harm, such as identity theft, it is a rare case where the plaintiff would have some common proof that identity theft occurred for all class members, a problem that recently doomed certification of a class action in In re Hannaford Bros. Co. Customer Data Security Breach Litigation.

Read Full Post »

My article for the University of Denver Law Review’s Online Edition entitled Statutory Penalties and Class Actions: Social Justice or Legalized Extortion?  was posted today.  The article discusses potential reforms to address the problem of class actions for statutory penalties giving rise to potentially annihilating liability in cases involving little or no actual harm.  Please check it out.  While you’re there, check out some of the other excellent content on a wide variety of legal topics that the DU Law Review has to offer in its online supplement to its regular print publication.

Read Full Post »

Work commitments have prevented me from posting over the past week, but I wanted to take the opportunity to point out that there have been some notable developments in the privacy class action area over the past week.  Judy Selby covered these developments in a recent blog post for the BakerHostetler Class Action Defense and Data Privacy Monitor blogs.  Selby’s post, titled Hannaford v. comScore – Up and Down Results for Privacy Class Action Defendants, compares and contrasts two recent decisions, one granting and one denying class certification, in privacy cases.

Read Full Post »

Older Posts »