The U.S. Supreme Court heard arguments last month in Clapper v. Amnesty International, a case that asks the Court to determine whether a group of lawyers, journalists, and human rights workers have standing to challenge the federal government’s international electronic surveillance program under the Foreign Intelligence Surveillance Act.  The plaintiffs alleged Fourth Amendment privacy violations among other things, and injury from the likelihood that the government was recording their conversations with clients and sources overseas.  But the plaintiffs could not say with certainty whether any eavesdropping occurred, giving rise to the standing issue before the Court.

Clapper involves standing in the context of constitutional privacy, but the same general standing requirements apply in consumer privacy actions.  Standing is one of the initial hurdles of any would-be plaintiff, and the first element of standing is injury-in-fact.  In the developing area of consumer privacy litigation, recent cases reflect uncertainty in the federal courts as to what constitutes injury-in-fact sufficient to confer standing.

In the data breach context, for example, courts have routinely dismissed cases for lack of injury-in-fact, but, on the other hand, there are recent cases holding that data hacking alone can be a cognizable harm, even if there is no economic injury.  In Krottner v. Starbucks and Pisciotta v. Old National Bancorp, the Ninth and Seventh Circuits found that in the absence of actual identity theft, the threat of future identity theft can be sufficient to confer standing.  In a case involving actual identity theft, the Eleventh Circuit held earlier this year in Resnick v. AvMed, Inc., that the plaintiffs had standing to sue a health insurance company after a company laptop with unencrypted data was stolen and the plaintiffs were the victims of identity theft.

These decisions can be compared with Reilly v. Ceridian Corporation, in which the Third Circuit held in 2011 that there was no standing where the plaintiffs “alleged no misuse [of the stolen data], and therefore, no injury.”  Similarly, this year in Katz v. Pershing, the First Circuit held that the plaintiff failed to allege sufficient injury to confer standing where there was no allegation that the plaintiff’s personal information was not actually accessed by any unauthorized person.

Standing is also often an issue in other, non-data-breach privacy actions.  In a case challenging a mobile app’s collection of geo-location data without consent, the Western District of Washington in Goodman v. HTC America, Inc. held this year that the putative plaintiff class members had sufficiently plead injury to have standing.  The court accepted as cognizable injuries overpayment for phones (because the plaintiffs would have paid less if they knew their location was to be collected as alleged) and diminution in value of the phones because of reduced battery life caused by the collection of geo-location data.  Still, the court held the collection of the data alone did not constitute an injury for standing purposes.

In another geo-location privacy action, the Northern District of California in In re iPhone Application Litigation, found standing in a case against Apple and other mobile industry companies alleging improper collection and disclosure of user data, including geo-location information.  The court found that alleged violations of the Stored Communications Act could serve as a concrete injury for standing, as could allegations that the defendants’ actions consumed finite bandwidth and storage space on the devices and that the transmission of personal data was done without encryption, exposing plaintiffs to “unreasonable risks” of interception.  More recently, in Hernandez v. Path, Inc., the plaintiff was found to have standing where he alleged that removing a mobile app’s tracking software would cost up to $12,250.

Despite recent cases finding standing, standing remains a significant hurdle for plaintiffs in privacy actions.  The Northern District of Illinois in Sterk v. Best Buy Stores held last month that the plaintiff failed to allege any injury-in-fact in a suit challenging Best Buy’s data retention practices.  The plaintiff’s theory was that Best Buy’s practices reduced the value of the plaintiff’s personal information and that the plaintiff would not have paid Best Buy the same price if he had known of Best Buy’s data retention practices.  However, the court held that the plaintiff failed to allege a concrete injury because he did not allege that he was not able to sell or otherwise derive adequate value from his personal information and because defendants charged the same price whether or not customer information was retained.

With this landscape of standing decisions, some may say we are on the precipice of change with respect to standing requirements for actions based on violations of privacy, but there is much uncertainty.  It remains to be seen whether the Supreme Court decision in Clapper will change current standing doctrine, and we will continue to monitor relevant cases as this area develops.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of David Munkittrick David Munkittrick

David Munkittrick is a litigator and trial attorney. His practice focuses on complex and large-scale antitrust, copyright and entertainment matters in all forms of dispute resolution and litigation, from complaint through appeal.

David has been involved in some of the most significant antitrust…

David Munkittrick is a litigator and trial attorney. His practice focuses on complex and large-scale antitrust, copyright and entertainment matters in all forms of dispute resolution and litigation, from complaint through appeal.

David has been involved in some of the most significant antitrust matters over the past few years, obtaining favorable results for Fortune 500 companies and other clients in bench and jury trials involving price discrimination and group boycott claims. His practice includes the full range of antitrust matters and disputes: from class actions to competitor suits and merger review. David advises antitrust clients in a range of industries, including entertainment, automotive, pharmaceutical, healthcare, agriculture, hospitality, financial services, and sports.

David also advises music, publishing, medical device, sports, and technology clients in navigating complex copyright issues and compliance. He has represented some of the most recognized names in entertainment, including Sony Music Entertainment, Lady Gaga, U2, Madonna, Daft Punk, RCA Records, BMG Music Publishing, Live Nation, the National Academy of Recording Arts and Sciences, Universal Music Group and Warner/Chappell.

David maintains an active pro bono practice, supporting clients in the arts and in immigration proceedings. He has been repeatedly recognized as Empire State Counsel by the New York State Bar Association for his pro bono service, and is a recipient of Proskauer’s Golden Gavel Award for excellence in pro bono work.

When not practicing law, David spends time practicing piano. He recently made his Carnegie Hall debut at Weill Recital Hall with a piano trio and accompanying a Schubert lieder.

David frequently speaks on antitrust and copyright issues, and has authored or co-authored numerous articles and treatise chapters, including:

  • Causation and Remoteness, the U.S. Perspective, in GCR Private Litigation Guide.
  • Data Breach Litigation Involving Consumer Class Actions, in Proskauer on Privacy: A Guide to Privacy and Data Security Law in the Information Age.
  • Location Privacy: Technology and the Law, in Proskauer on Privacy: A Guide to Privacy and Data Security Law in the Information Age.
  • FTC Enforcement of Privacy, in Proskauer on Privacy: A Guide to Privacy and Data Security Law in the Information Age.
  • The Role of Experts in Music Copyright Cases, Intellectual Property Magazine.
  • Nonprofit Education: A Historical Basis for Tax Exemption in the Arts, 21 NYSBA Ent., Arts, & Sports L.J. 67
  • A Founding Father of Modern Music Education: The Thought and Philosophy of Karl W. Gehrkens, Journal of Historical Research in Music Education
  • Jackson Family Wines, Inc. v. Diageo North America, Inc. Represented Diageo in trademark infringement litigation