Sony Beware: New Argument Seeks To Establish Standing In 'Harmless' Data Breach Lawsuits
from the people-suing-sony-should-pay-attention dept
Whoever is filing class action lawsuits against Sony for the PSN hack may want to pay attention to a totally different case in Northern California. You see, for years, we've noted that judges will toss out lawsuits about data breaches if the person suing can't show any actual harm. It's happened again and again and again. To some extent, you can understand the reasoning: if your data wasn't used to cause you any harm, should you really have much of a legal leg to stand on?But, of course, the problem with that is that it lessens the damage that can hit companies for being downright careless with your private data. However, this case in the Northern District of California, involving Alan Claridge suing RockYou, has gone differently so far (found via Michael Scott), because Claridge made a different kind of argument:
While many plaintiffs in data breach cases (unsuccessfully) allege harm suffered based on an increased risk of identity theft as well as inconvenience and out-of-pocket expenses associated with credit monitoring, Plaintiff employed a unique argument. As the court described, “Plaintiff generally alleges that defendant’s customers, including plaintiff, ‘pay’ for the products and services they ‘buy’ from defendant by providing their PII [personally identifiable information], and that the PII constitutes valuable property that is exchanged not only for defendant’s products and services, but also in exchange for defendant’s promise to employ commercially reasonable methods to safeguard the PII that is exchanged. As a result, defendant’s role in allegedly contributing to the breach of plaintiff’s PII caused plaintiff to lose the ‘value’ of their PII, in the form of their breached personal data.”The court is still skeptical of the argument, but is at least willing to hear things out. In other words, this is still very early, and it's at the district court level, so those who like this argument shouldn't get their hopes up yet. But, it's certainly making it a case worth watching.
According to the court, the alleged was enough for purposes of standing. “On balance, the court declines to hold at this juncture that, as a matter of law, plaintiff has failed to allege an injury in fact sufficient to support Article III standing . . . [T]he court finds plaintiff’s allegations of harm sufficient at this stage to allege a generalized injury in fact.”
And I'd be remiss in not mentioning that this is the kind of thing that we'll almost certainly be discussing at our upcoming dinner salon, since it very much taps into the theme of how companies need to act when their "customers" are also their "product," in terms of the information and data they collect...
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: data breach, standing
Companies: sony
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
head to head fight!!!!
1.last week the "high" court said that "binding arbitration takes president over class action suits"
2.class action suits have a new twist ....
3. sony says bring it on....You must go to binding arbitration..it's in your eula....one at a time please and we split the cost!!(about $980 per hour in my neck of the woods)
plus the cost of a lower lawyer
4. WHAT??? no takers i can"t imagine why???
[ link to this | view in chronology ]
What steps will you be taking to protect the PII of the participants?
[ link to this | view in chronology ]
Response to: Pixelation on May 2nd, 2011 @ 6:00pm
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
@Ironm@sk I was just funnin'.
[ link to this | view in chronology ]
How is this different than Copyright Infringement? Oh, that's right the **AA's bought the laws
Yes, I know it's because there is a law with a 'statutory damages' clause that makes this possible....
So lets get a new law passed (anyone out there own a congress critter to get this going?) applying the same 'statutory damages' concept to companies infringing on individuals PIP. I think it would be fair to add a 'punitive damages' clause to PIP losses as well, since without these excessive damage awards, companies will never learn that they need to be careful with everyone's intellectual property, not just their own.
If sharing one song is worth $150,000, I'm sure that sharing one individuals PIP would be worth at least $1,500,000 in statutory damages, and another $5,000,000 in punitive damages, after all one individual could have produced an infinite number of songs/movies/games/software/etc, if only their valuable personal intellectual property hadn't been stolen by those dirty rotten corporations....
I'm not really serious.... or am i? /sarcasm off
[ link to this | view in chronology ]