cybersecurity

  • September 08, 2023

New England Cybersecurity and Data Privacy Class Action Filings Soar in 2023

Class Action Litigation, Class Actions, Privacy Class Actions, Standing
Authors:
Practice area:

Earlier in 2023, we launched our New England and First Circuit Class Action Tracker, as a tool to analyze class action litigation trends in Massachusetts, Maine, New Hampshire, and Rhode Island. In July, we updated our tracker to include data through the second quarter of 2023. A review of new filings submitted during that latest quarter reinforces the trends that we recently observed in our client alert on the enforcement of U.S. Consumer Data Privacy laws through private litigation. Namely, we are seeing record-high levels of data privacy and cybersecurity class action filings, particularly in Massachusetts courts, in the first half of 2023.

Data privacy and cybersecurity class action suits continue to represent the largest share of annual class action filings in New England to date. Although the healthcare sector continues to represent the largest share of defendants, other sectors, such as tech, retail and manufacturing, and financial and professional services industries are also experiencing high rates of cybersecurity and data

Continue Reading...
  • July 27, 2023

First Circuit Revives Data Breach Class Action Claims in Webb v. Injured Workers Pharmacy, LLC

Appeals, Class Actions, First Circuit Decisions, Litigation, Privacy Class Actions, Standing, US District Court - Mass
Authors:
Practice area:

Courts and class action counsel have been considering what kinds of injuries can confer standing to pursue federal claims following the Supreme Court’s 2021 decision in TransUnion LLC v. Ramirez, which held that the defendants’ alleged actions that “deprived [plaintiffs] of their right to receive information in the format required by statute” was not sufficient to establish a concrete injury necessary to bring a claim. Ever since the TransUnion decision, the question of what is sufficient injury has been reverberating throughout the lower courts and reaching federal courts of appeal.

The First Circuit has now confronted that question on multiple occasions, including its 2022 decision in Laufer v. Acheson (now on appeal to the Supreme Court) that held “dignitary harm” from discrimination was sufficient, along with allegations of “frustration and humiliation” to confer standing on a serial plaintiff who is a website accessibility tester. For more on Laufer,

Continue Reading...
  • November 16, 2022

District of Massachusetts Dismisses Data Breach Class Action for Lack of Injury

Class Actions, Consumer Class Actions, First Circuit Decisions, Litigation, Privacy Class Actions, Standing, US District Court - Mass
Authors:
Practice area:

On October 18, 2022, in Webb v. Injured Workers Pharmacy, LLC, the District of Massachusetts dismissed a class action complaint brought by former pharmacy patients alleging that their sensitive personal information had been exposed in a data breach affecting more than 75,000 customers. In its analysis, the court determined that the named plaintiffs and putative class members could not satisfy the injury-in-fact requirement for constitutional standing. Plaintiffs Webb and Charley had claimed the breach caused “anxiety, sleep disruption, stress, and fear” and cost them “considerable time and effort” monitoring their accounts.

The court rejected these factual allegations as an insufficient basis to confer constitutional standing under Article III:

The Complaint does not sufficiently allege that the breach caused any identifiable harm. It is only alleged that Webb and Charley spent “considerable time and effort” monitoring their accounts and, in Webb’s case, dealing with the IRS. Plaintiffs “cannot manufacture standing merely by inflicting harm on themselves based

Continue Reading...