The Illinois’ Biometric Information Privacy Act (740 ILCS 14/1 et seq.) (BIPA) requires that companies obtain written consent and disclose how they collect, retain, disclose and destroy biometric identifiers such as retina or iris scans, fingerprints, voiceprints, scans of hand or face geometry, or other biometric information from the public. BIPA provides “aggrieved” individuals a private right of action to sue, which if successful, could result in liability up to ... Keep Reading »
Data Breach Class Action Articles
The latest data breach class action developments and trends, including news, key cases, and strategies.
The Future of Standing in Data Breach Class Actions
In today’s world, as technology costs decrease and personal information becomes more valuable on the black market, data breaches have seemingly joined the ranks of death and taxes as certainties. Add to that litigation: companies suffering data breaches face exposure to lawsuits by consumers, employees, and even financial institutions. One particular concern for companies is the possibility of costly consumer class actions. Though such lawsuits still account for fewer ... Keep Reading »
2016 Carlton Fields Class Action Survey Reveals Important Trends in Class Action Management
The fifth annual edition of the Carlton Fields Class Action Survey has just been released, and in this year’s survey corporate counsel report that class action spending has increased after four consecutive years of decline. Spending is also projected to increase in 2016. This marks a key turning point. The Numbers Across industries, the companies surveyed report that they spent $2.1 billion on class action lawsuits in 2015. The number of companies facing at least one ... Keep Reading »
Data Breach Class Actions: 2015 Year in Review and 2016 Preview
As 2015 draws to a close, questions over standing in data breach class actions remain. Earlier this year, the Seventh Circuit denied retailer Neiman Marcus’s petition for rehearing en banc of a panel opinion holding that plaintiffs whose credit card information was stolen in a data breach had standing to sue under Article III of the United States Constitution based on alleged fear of future identity theft; in so doing, the Seventh Circuit confirmed that the circuit split ... Keep Reading »
Seventh Circuit Petitioned for Rehearing En Banc to Determine Whether Data Breach Class Claims Survive Clapper, Satisfy Article III Standing Requirements
In January 2014, luxury retailer Neiman Marcus disclosed that it had suffered a cyberattack in which hackers may have gained access to 350,000 credit and debit cards used at its stores in late 2013. Plaintiffs, all of whom made credit or debit card purchases from the retailer during the relevant time period, filed a putative class action lawsuit on behalf of themselves and all other customers whose card information may have been compromised. Neiman Marcus moved to ... Keep Reading »
Target Reaches Preliminary Settlement in Consumer Data Breach Class Action
Last week, a Minnesota federal district court granted a motion for preliminary approval of a settlement of putative consumer class action claims against Target in the wake of a data breach at the retailer over the 2013 holiday shopping season. The settlement will provide a fund of up to $10 million to be distributed through a claims process to class members who suffered identity theft as a result of the breach. The final approval hearing is set for November 10, ... Keep Reading »
Threat of Identity Theft is Not Enough: Another Data Breach Class Action Dismissed for Lack of Standing
Hewing to prior Third Circuit precedent in Reilly v. Ceridian and the Supreme Court's precedent in Clapper v. Amnesty International, the Middle District of Pennsylvania recently joined the majority of federal district courts in dismissing putative data breach class actions for lack of standing where the named plaintiffs fail to allege identity theft. Although standing is a requirement in any case, it is particularly relevant in the data breach context, where actual ... Keep Reading »
No Harm, No Standing: Texas Federal Court Dismisses Data Breach Class Action
Dismissing a class action based on a data breach, the Southern District of Texas added to the growing number of decisions that find an alleged risk of future identity theft due to a data breach is not an injury that creates standing to bring federal claims. The plaintiff, Beverly Peters, a former St. Joseph patient, brought a class action lawsuit against the medical provider after receiving notification that her personal information and protected health information had ... Keep Reading »
Will 2015 Be The Year of the Data Breach Class Action?: Target Data Breach Claims Survive Motions to Dismiss
Various media outlets dubbed 2014 "the Year of the Data Breach." Unfortunately for businesses, breach of their secure systems by hackers may be only the beginning of the bad news – which often culminates in class action lawsuits. Although 2014 started favorably for data breach defendants, with several federal district courts granting motions to dismiss such claims, December ended on a high note for the plaintiff's bar, with two Minnesota federal district decisions ... Keep Reading »