One of the main risks that a company faces after a data breach is a potential lawsuit. Plaintiffs often will allege creative statutory and common law theories of harm after they learn that their personal information has been...more
In the complex and rapidly evolving landscape of data breach litigation, the First Circuit’s recent case of Webb v. Injured Workers Pharmacy, LLC stands as a significant milestone, and it offers a wealth of insights for...more
The United States Court of Appeals for the Third Circuit recently held that a plaintiff had standing to sue her former employer for a data breach that exposed her personal information to the “Dark Web” because she...more
On a small peninsula extending into the Chesapeake Bay, a developer has applied for several variances. It seeks to allow the disturbance of steep slopes, exceed the maximum structure size for its lot, clear-cut old-growth...more
In McMorris v. Carlos Lopez & Associates, LLC, a data breach case, the Second Circuit held that plaintiffs may demonstrate standing based on a theory of “increased risk” of future identity theft or fraud following an...more
On June 21, 2019, the D.C. Circuit split with several other circuits in holding that alleging a heightened risk of identity theft following a data breach is enough to establish standing at the pleadings stage....more
The D.C. Circuit Court of Appeals recently reaffirmed its position that a plaintiff can establish Article III standing (federal court subject matter jurisdiction) based solely on the risk of potential future harm following a...more
In Nunez v. Saks Inc., the Ninth Circuit held that a named plaintiff who fails to allege that class members are likely to suffer future injury cannot advance a claim for injunctive relief....more
Pursuing negligence claims in the Eighth Circuit following a data breach just got harder. On May 31, 2019, the U.S. Court of Appeals for the Eighth Circuit again dismissed the data breach claims in In re SuperValu, Inc....more
Following the Supreme Court’s ruling in Spokeo v. Robins, which held that federal plaintiffs alleging a statutory violation must have suffered a real, concrete injury in order to have Article III standing, many defendants...more
We previously reported on the developing circuit split over Article III standing in data breach class action cases. In August, the D.C. Circuit Court joined the Sixth, Seventh, and Ninth Circuits in finding that the...more
On remand from the Supreme Court, the U.S. Court of Appeals for the Ninth Circuit has held for the second time that the plaintiff in Robins v. Spokeo, Inc. has standing to proceed in federal court with claims under the Fair...more
In this edition of our Privacy and Cybersecurity Update, we take a look at the Trump administration's executive order outlining its cybersecurity plans, Acting FTC Chairwoman Maureen Ohlhausen's comments on the possible...more
The U.S. Court of Appeals for the Fourth Circuit has made it more difficult to establish Article III standing in data breach cases both at the pleading stage and at summary judgment by requiring plaintiffs to allege and show...more
Seyfarth Synopsis: The Supreme Court’s grant of certiorari in three Church Plan cases presents the possibility that many Church Plans thought for years to be exempt from ERISA rules, including its funding rules, will now have...more
In this edition of our Privacy & Cybersecurity Update, we examine changes to EU privacy and data protection laws, new state laws addressing data breach notifications, Congress' review of cyber insurance, and recent court...more
The arts and crafts retail chain Michael Stores Inc. (“Michaels”) received a late holiday gift in the form of a dismissal of a data breach class action lawsuit. On December 28, 2015, the U.S. District Court for the Eastern...more
In the wake of numerous data breach cases dismissed for lack of Article III standing based on the Supreme Court’s decision in Clapper v. Amnesty Int’l USA, 133 S. Ct. 1138, 1147 (2013), the Seventh Circuit Court of Appeals...more