Consumer Finance Monitor Podcast Episode: Responding to Direct and Indirect Identity Theft Disputes Under the FCRA: What Are The Differences?
Torres Talks Trade Podcast Episode 9 on U.S. Customs and Border Protection's Global Business Identifier program
Phishing: Cybersecurity’s Biggest Threat
Digging Deeper, Episode 1: The Con Queen of Hollywood
Preserving Black History in Bucks County, PA, with Recorder of Deeds Robin Robinson: On Record PR
What is Consumer Fraud and What Deceptions are Employed?
What Companies Should Do to Prepare for Implementation of Cybersecurity Executive Order
A new Fourth Circuit decision has thrown out of federal court a state-law privacy claim where the plaintiff alleged only a bare statutory violation without alleging “a nonspeculative, increased risk of identity theft,”...more
Judge Jeffrey White of the Northern District of California recently dismissed a putative class action lawsuit in which plaintiffs claimed they faced an imminent threat of future of harm in the form of identity theft and fraud...more
The Third Circuit Court of Appeals has given new life to a putative class action suit led by a former employee of a company that suffered a ransomware attack, leading to her sensitive information being released onto the Dark...more
Data breach lawsuits are challenging cases for plaintiffs. Assuming they are able to survive a motion to dismiss on grounds of Article III standing in the first instance, plaintiffs next bear the high burden of achieving...more
In McMorris v. Carlos Lopez & Associates, LLC, a data breach case, the Second Circuit held that plaintiffs may demonstrate standing based on a theory of “increased risk” of future identity theft or fraud following an...more
A federal appeals court recently addressed whether employees had standing to bring a lawsuit when their personally identifiable information (PII) was inadvertently circulated to other employees at the company, with no...more
While some states have enacted privacy laws granting consumers the right to bring a private right of action in a data breach context, federal courts have struggled to fit data breach injury into traditional Article III...more
In April 2021, the Second Circuit issued a decision recognizing an increased risk of future, unrealized identity theft or fraud as a basis for establishing Article III standing. Background - The case, McMorris v. Carlos...more
On April 26, 2021, the Second Circuit Court of Appeals decided the case of McMorris v. Carlos Lopez & Assocs., No. 19-4310, 2021 WL 1603808 (2d Cir. Apr. 26, 2021) and addressed one of the most critical issues in private data...more
On February 4, 2021, the Eleventh Circuit became the latest federal court of appeals to weigh in on a question that has divided the circuits: whether a plaintiff has standing to sue in a data breach case based on an alleged...more
To sue in federal court, a plaintiff must allege an injury that the court can actually remedy, rather than just issuing an advisory opinion, and a connection between the defendant’s conduct and the actual injury. See...more
As part of a growing trend, the Eleventh Circuit recently held that an alleged risk of future identity theft does not establish standing where the plaintiff does not allege any information has actually been misused. Tsao v....more
On February 4, 2021, the Eleventh Circuit affirmed the dismissal of a customer’s proposed class action lawsuit against a Florida-based fast-food chain, PDQ, over a data breach. The three-judge panel rejected the argument that...more
Last week, in Tsao v. Captiva MVP Restaurant Partners, LLC (Captiva), the U.S. Court of Appeals for the 11th Circuit held that data breach claims arising from increased risk of future identity theft and potential mitigation...more
Earlier this month, the Eleventh Circuit, in Tsao v. Captiva MVP Restaurant Partners, LLC, No. 18-14959, 2021 WL 381948 (11th Cir. Feb. 4, 2021), affirmed the dismissal of a class-action lawsuit brought on behalf of patrons...more
In early November, we wrote about a new Eleventh Circuit decision on Article III standing law which directly held that it was not enough to allege a statutory violation and instead there must be a concrete injury to sustain...more
In an opinion that deepens an existing circuit court split, the Eleventh Circuit recently held that the future risk of identity theft is not sufficient to establish Article III standing....more
On June 21, 2019, the D.C. Circuit split with several other circuits in holding that alleging a heightened risk of identity theft following a data breach is enough to establish standing at the pleadings stage....more
In this month's edition of our Privacy & Cybersecurity Update, we examine New York's new laws expanding consumer protection for data breaches, the D.C. Circuit's two rulings deepening the split regarding standing in data...more
The U.S. Office of Personnel Management (“OPM”) made headlines when several hacks of confidential data came to light in 2015, intrusions that compromised the personal data of over 20 million individuals. On July 21, 2019, in...more
Last Friday we blogged on the Saks data breach class action, and in the process mentioned a trend among federal courts to reject fear of future identity theft claims in retail breach cases. ...more
Consumer data breach class actions, for all of their popularity on dockets and especially in headlines, can make difficult cases for plaintiffs. Issues like standing and damages often keep these cases from getting off the...more
Over the past few years, there has been a surge in class actions challenging companies’ privacy and data security practices. But, while the number of class actions continues to grow, the suits face several significant...more
The Fourth Circuit’s 2017 decision in Beck v. McDonald held that the mere fear of identity theft in the wake of a data breach was insufficient to confer Article III standing. ...more
The U.S. Court of Appeals for the Fourth Circuit has found that allegations that fraudsters used the personal information of data breach victims are sufficient to establish standing even without any fraudulent charges...more