Privacy Law Blog

Tag Archives: damages

Proskauer Litigators Notch Another Victory for The Bank of New York Mellon in “Identity Exposure” Lawsuit

On June 25, 2010, Judge Richard Berman of the U.S. District Court of the Southern District of New York granted summary judgment to The Bank of New York Mellon Corp. in Hammond v. The Bank of New York Mellon Corp., dismissing in its entirety a putative class action lawsuit arising from the loss of backup tapes containing personal information in the spring of 2008. Judge Berman's dismissal represents yet another in a long, and still growing, line of cases standing for the proposition that without more, the mere exposure of personal information is not an adequate basis for a lawsuit. … Continue Reading

Geez Ruiz: 9th Circuit (Probably) Ends Long-standing Data Breach Litigation Against Gap, Inc. and Others

On May 28, 2010, in an unpublished decision, the U.S. Court of Appeals for the Ninth Circuit affirmed the California district court's dismissal of a class action lawsuit against retailer Gap, Inc. because, among other things, the plaintiff failed to show that the loss of his personal information harmed him in a legally cognizable way. The Ninth Circuit's decision echoes those issued in every "identity exposure" lawsuit to date: an increased risk of identity theft does not a lawsuit make! … Continue Reading

Northern District of Illinois Foreshadows Tough Row[e] to Hoe for Identity Exposure Plaintiff, but Denies Motion to Dismiss

On January 5, 2010, Judge William Hibbler of the U.S. District Court for the Northern District of Illinois became the latest federal district judge to share his views about whether an increased risk of future harm based on the inadvertent exposure of personal information is a legally cognizable harm. In Rowe v. UniCare Life & Health Insurance Co., No. 1:09-cv-2286 (N.D. Ill. Jan. 5, 2010), Judge Hibbler . . . hinted that the plaintiff's claims for violations of the Fair Credit Reporting Act ("FCRA") and the Illinois Insurance Information and Privacy Act, as well as his common law claims of invasion of privacy, negligence and breach of implied contract, may ultimately be dismissed if the plaintiff failed to show a basis for damages other than his alleged increased risk of future harm, such as identity theft. … Continue Reading

Recent Death of Data Breach Class Action Resuscitates Lack of Standing Arguments in Identity Exposure Cases

In Amburgy v. Express Scripts, Inc., Magistrate Judge Frederick R. Buckles of the U.S. District Court for the Eastern District of Missouri held that "plaintiff's asserted claim of 'increased-risk-of-harm' fails to meet the constitutional requirement that a plaintiff demonstrate harm that is 'actual or imminent, not conjectural or hypothetical.' Plaintiff has therefore failed to carry his burden of demonstrating that he has standing to bring this suit." … Continue Reading

Proskauer Litigation Team Helps Secure Dismissal of Speculative Identity Exposure Claims Against BNY Mellon

Where the only harm alleged is mere "speculation as to a possible risk of injury," a claim cannot survive a 12(b)(6) motion to dismiss, according to a District of Connecticut decision issued on August 31, 2009. McLoughlin v. People's United Bank, Inc., and Bank of New York Mellon, Inc., No. 3:08-cv-00944-VLB (D. Conn. Aug. 31, 2009), thus follows a long and growing line of cases which simply hold that where there is no actual harm, there can be no case. … Continue Reading

No Harm, No Lawsuit: Seventh Circuit Refuses Data Breach Lawsuit Where Credit Monitoring Costs Are the Only “Damages” Sought

Where the only “damages” alleged following a data security breach are the costs of credit monitoring, a plaintiff has no case, so ruled the Seventh Circuit on August 23, 2007. The decision dealt another blow to so-called “identity exposure” plaintiffs seeking to recover damages stemming from the unauthorized disclosure of their personal information, as the Seventh … Continue Reading
LexBlog