Last month, a district court in the Northern District of California delivered a fatal blow to the Javier saga, dismissing his claim with prejudice. Javier v. Assurance IQ, LLC, No. 20-CV-02860-CRB, 2023 WL 3933070 (N.D. Cal. June 9, 2023). As we previously reported, the court’s holding concludes a drawn-out dispute on a website
Shing Tse
Federal Court Rules in Favor of LinkedIn’s Breach of Contract Claim after Six Years of CFAA Data Scraping Litigation
We have been covering the hiQ-LinkedIn data-scraping saga for several years now on CPW. (See previous posts here, here, here, and here).
After well-publicized litigation that made its way to the Supreme Court and back again, the United States District Court for the Northern District of California ruled[1] that the provisions of a website user agreement that prohibit anti-scraping and fake profiles are enforceable in a breach of contract claim. Businesses should take note and ensure that their own conduct enforces their terms and conditions in order to prevent violators from successfully claiming affirmative defenses. If a business knows of a violation, and wants to have enforceable terms, it should pursue remedying that violation.Continue Reading Federal Court Rules in Favor of LinkedIn’s Breach of Contract Claim after Six Years of CFAA Data Scraping Litigation
CPW’s Kristin Bryan, Jesse Taylor and Shing Tse Co-Author Chapter for Lexis Practical Guidance on Privacy, Cybersecurity and Data Breach Litigation: Key Laws and Considerations
CPW’s Kristin Bryan, a 2022 Law360 Privacy & Cybersecurity MVP as well as a featured subject matter expert for LexisNexis, Jesse Taylor and Shing Tse teamed up to co-author a chapter of the Lexis Practical Guidance titled “Privacy, Cybersecurity and Data Breach Litigation: Key Laws and Considerations”. In this practice…
Federal Court Clarifies the Article III Standing Requirement for FDCPA Violations
A Seventh Circuit district court recently clarified that a Fair Debt Collection Practice (“FDCPA”) plaintiff may not satisfy Article III’s injury-in-fact requirement by alleging confusion and aggravation, even where a complaint generally alleges actual damages.
In Suxstorf v. Portfolio Recovery Assocs. LLC, Plaintiff brought claims under the FDCPA, 15 U.S.C. § 1692e against Defendant, Portfolio Recovery Associates LLC, a debt collector. In connection with an outstanding debt, Defendant sent Plaintiff a “permanent hardship” letter, in which Defendant offered to pause or cease its collection efforts upon a showing of permanent hardship. Defendant attached to the letter a “Permanent Hardship Request Form,” in which it requested certain consumer information to evidence permanent hardship, including: the consumer’s date of birth, the last four digits of the consumer’s Social Security number, the consumer’s employment status, whether the consumer is receiving unemployment benefits, whether the consumer is receiving Social Security benefits or any other financial assistance from the government, any other sources of income and a description of any financial hardship and the duration of that hardship.
Plaintiff alleged that Defendant’s request for such information was under false pretenses and that the actual purpose of requesting the information was to determine whether to bring suit against the consumer based on the information obtained from the permanent hardship letter. Plaintiff alleged that this practice violated, among other statutes, the FDCPA, 15 U.S.C. § 1692e(10), which prohibits a debt collector from using “any false representation or deceptive means to collect or attempt to collect any debt or to obtain information concerning a consumer.” 15 U.S.C. § 1692e(10). Plaintiff alleges that he was confused and misled by the letter and that he was required to spend time and money investigating the letter and the consequences of his response. Continue Reading Federal Court Clarifies the Article III Standing Requirement for FDCPA Violations
Ninth Circuit District Court Finds No Standing for Alleged Lost Commercial and Proprietary Data in Privacy Litigation
Recently, a federal court in California held that the loss of stored data, without more, is insufficient to establish Article III standing to withstand a motion to dismiss. In so doing, the court joined a number of other courts in holding that allegations of speculative harm devoid of allegations that personal information was stolen or…
Third Circuit Issues Order in WaWa Data Breach
CPW has been covering the data breach litigation In re: Wawa, Inc. Data Security Litigation, pending in the U.S. District Court for the Eastern District of Pennsylvania (see here and here). As a reminder, In Re: Wawa Inc. Data Security Litigation, No. 2:19-cv-06019 arose out of a data breach impacting Wawa, Inc.…
hiQ Labs v. LinkedIn : Ninth Circuit Indicates Tort-Based Claims, Not CFAA, Appropriate Legal Theory for Attacking Data Scraping Practices
Earlier this week, the Ninth Circuit, yet again, concluded that data scraping public websites is not unlawful. In hiQ Labs, Inc. v. LinkedIn Corp., a case that has been ongoing for nearly five years, the Ninth Circuit affirmed its earlier decision that LinkedIn may not rely on the Computer Fraud and Abuse Act (“CFAA”)…
Federal Court Dismisses Data Breach Litigation
Recently, a federal court in Kansas joined a number of other courts in finding that allegations of future, speculative harm unadorned with actual theft or misuse of personal information are insufficient to establish Article III standing.
In Ex rel Situated v. Med-Data Inc., Case No. 21-2301-DDC-GEB, 2022 U.S. Dist. LEXIS 60555 (D. Kan. Mar. …