The recent rise in privacy class actions is requiring courts to address difficult questions about the types of harms that result from a data breach. Two settlement agreements approved last year add to the growing skepticism about unspecified allegations of harm arising out breaches of payment card and basic identifying information. This can be contrasted with the harms that result from intentional ‘snooping’ cases, including Jones v. Tsige. Falling somewhere in between are the accidental breaches involving information that can be much more personal (like belonging to a social networking site that encourages extramarital affairs), yet producing harms that are still very difficult to quantify.
This issue of PrivacyScan considers the various categories of privacy breach-related litigation, focusing on recent judicial commentary regarding some of the largest class action suits.