A Northern District of California Judge has ruled that plaintiffs need not allege economic damages resulting from a website breach of privacy in order to proceed past the motion to dismiss stage of litigation. Claridge v. Rockyou, — 09 cv 6032 — (NDCA, April 11, 2011). Plaintiffs sued photo sharing site RockYou for improperly storing users’ names and passwords, thereby resulting in a security breach which revealed users’ info publicly.
Typically, plaintiffs must show economic damages in order to avoid dismissal on such negligence suits. The Court ruled that allegations that personally identifiable information was disclosed were sufficient to state a cause of action for privacy violation. However, despite the fact that plaintiffs now get to move past the motion to dismiss stage, they will still, at some point, have to prove damages in order to prevail in the case. The court noted:
If it becomes apparent, through discovery, that no basis exists upon which plaintiff could legally demonstrate tangible harm via the unauthorized disclosure of personal information, the court will dismiss plaintiff’s claims for lack of standing at the dispostive motion stage.
What this means: The nuisance value of privacy lawsuits has increased in so far as plaintiffs can stay in the lawsuit longer and hold out for a better settlement from companies. While defendant companies would probably win in the end, they would not want to spend the enormous amount of money to take the case to the next (summary judgment) stage. Thus, web companies now have that much more incentive to take user privacy seriously because litigious plaintiffs now have that much more incentive to sue.
Enter your email to get started.