Eleventh Circuit Holds Monetary Damages Caused by Identity Theft Present a Cognizable Injury


Recently, the U.S. Court of Appeals for the Eleventh Circuit, in a case of first impression, held that the named plaintiffs in a putative class action could pursue their claims for monetary loss from a health care company that allegedly failed to protect their personal information. Resnick v. AvMed Inc., No. 11-13694, 2012 WL 3833035 (11th Cir. Sep. 25, 2012). The plaintiffs allege that they became subject to identity theft several months after laptops containing their sensitive personal information were stolen from the company’s offices. The plaintiffs sued the health care company, alleging negligence, negligence per se under Florida law, breach of contract, unjust enrichment, breach of implied covenant of good faith and fair dealing, and breach of fiduciary duty. The district court dismissed all claims, holding that the complaint failed to state a cognizable injury. On appeal, the court of appeals reversed the district court on the majority of the claims. It held that because the complaint alleges financial injury, and because monetary loss is cognizable under Florida law, the plaintiffs have alleged a cognizable injury. The court found that the plaintiffs “have shown a sufficient nexus between the data breach and the identity theft beyond allegations of time and sequence” because the plaintiffs plead that they were careful in protecting their identities and had never been victims of identity theft. Finding that causation was sufficiently plead, the court of appeals reversed the district court with regard to the counts of negligence, breach of contract, and breach of fiduciary duty. The court affirmed dismissal of the claims of negligence per se and breach of implied covenant of good faith and fair dealing because failure to comply with the relevant state statute cannot serve as a basis for negligence per se, and because the health care company’s actions were not shown to be conscious and deliberate as necessary to support a claim of breach of implied covenant. Finally, the court held that the plaintiffs alleged sufficient facts to sustain a claim for unjust enrichment because they claim to have paid monthly premiums to the company, while alleging that the company failed to implement sufficient data management and security measures. The case was remanded for further proceedings.


Written by:

Published In:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© BuckleySandler LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.