Despite the much-anticipated impact of TransUnion LLC v. Ramirez (“Ramirez”), the Supreme Court decision has not prevented data breach and privacy class actions from proceeding past the pleading stage in federal courts across...more
The Supreme Court’s June 2021 decision in TransUnion LLC v. Ramirez led many to believe that data breach plaintiffs were going to have a difficult time establishing standing. After all, the Court suggested that exposure to...more
Instead of identifying traditionally “tangible” injuries, data breach plaintiffs typically point to the fact that they may be the victim of identity theft at some point in the future. Prior to late April 2021, the federal...more
Who has standing to bring claims for alleged statutory violations of privacy and cybersecurity statutes? There is no easy answer to this question. In Spokeo, Inc. v. Robins, the Supreme Court explained that just because a...more
Following Spokeo, Inc. v. Robins,1 lower courts across the country were tasked with applying the Supreme Court’s “concrete” injury standard to a wide range of privacy and cyber claims. These claims range from the improper...more
The U.S. Supreme Court recently declined to review CareFirst Inc. v. Attias, a data breach standing case. For those hoping for resolution of a notable circuit split over what constitutes Article III standing at the pleading...more
In May of this year, in Robins v. Spokeo, the Supreme Court ruled on the important issue of standing for plaintiffs asserting statutory claims for damages in federal court. Some observers thought the decision would guide...more
In what is sure to be a widely cited data breach standing decision, the U.S. Court of Appeals for the Seventh Circuit found that increased risk of future harms from a data breach are sufficient to confer standing to sue upon...more