To Estimate The Value Of Facebook, A Study Asked How Much Money Users Would Demand As Payment To Quit The Service
Samsung Phone Owners Unable To Delete Facebook And Other Apps. Anger And Privacy Concerns Result

Pennsylvania Ruling May Help Plaintiffs in Class Action Lawsuits About Data Breaches

An article in the Lexology site by attorneys at Thompson Coburn LLP provides an important update about class-action lawsuits in Pennsylvania regarding data breaches and data security:

"One of the most insurmountable barriers for security breach class action plaintiffs has been the ability to show concrete damages. In order to bring a lawsuit, fundamentally, plaintiffs must have standing to sue. In federal court, this standing to sue is governed by Article III of the U.S. Constitution. The U.S. Supreme Court has articulated standing to sue as requiring (1) injury in fact, (2) fairly traceable to the defendant’s conduct, (3) that is likely redressed by a favorable decision... Proving a concrete and particularized injury therefore becomes difficult for plaintiffs... since it often becomes an individualized analysis of harms. Many state courts follow similar standing requirements as those articulated by the federal courts..."

The case involved a class-action lawsuit by employees against their employer, the University of Pittsburgh Medical Center (UPMC). The suit alleged that the sensitive personal and financial information for 62,000 current and former employees had been stolen, and that:

"... UPMC breached an implied contract and was negligent by failing to implement adequate security measures to safeguard information relating to employees."

The claims were dismissed by a trial court. The employees appealed that decision, and the appellate court agreed with the trial court's decision. The good news:

"... the Pennsylvania Supreme Court concluded the lower courts erred in determining UPMC did not owe a duty to safeguard the employees’ personal information and that the economic loss doctrine barred the negligence claim... While the Pennsylvania decision affects only Pennsylvania for the time being, anyone that collects or stores personal information should be aware that this could signal a new tide for security breach plaintiffs..."

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)