A collection of factors has caused the United States to be poised on the precipice of a new wave of litigation - litigation arising from the improper use or collection of information. Public concern over is ever increasing while, and some would say because, information has become critical to our everyday existence. In what is now a self-reinforcing cycle, increased public concern has caused an exponential increase in regulations, and the new regulations have caused increased attention and public concern because many of the new laws require public disclosure of security breaches, which increases societal concerns over privacy. Security breach laws, the laws that mandate public disclosure of data incidents, provide the best example of the increase in regulation - Just a few short years ago California passed the first security breach law. Now, 43 other states, the City of New York, Washington, D.C., and Puerto Rico, have adopted laws and many other countries have either adopted, or are likely to adopt, security breach laws as well. Restrictions on the collection and use of Social Security number laws provide another such example as now more than 35 states have adopted these type of laws. Whether the increasing public concern over is caused by, or reflected in, the new laws, the phenomenal expansion in the number of laws will have a predictable effect - a geometric increase in the number of laws will result in an equally geometric increase in the number of violations of laws. As violations increase there is an equally predictable consequence - increased incentives for individuals to attempt to enforce these new rights. One of the first challenges in litigation is to define what privacy litigation actually is. While consumer-based litigation gains much of the attention, to focus exclusively on consumer-oriented litigation misses half the picture. The increase in value of information has increased the number of businesses that are bringing litigation to protect their intellectual capital and their networks. Though these claims are not thought of as privacy litigation in the traditional sense, these claims are no less about the improper use of information than actions brought by individuals. This litigation is frequently brought under the Computer Fraud and Abuse Act, the Electronic Communications Privacy Act, CAN-SPAM, the unfair competition law, including portions of the Lanham Act. In the realm, the Federal Trade Commission (FTC) serves as the primary federal enforcer. However, the FTC does not have unlimited resources, is not its only responsibility, and the actual number of enforcement actions is not as high as one might guess. As a result, state attorney generals have an important role to play in enforcement. However, with limited exceptions, state attorney generals have not brought a significant number of matters. As a result, enforcement in many cases falls to private plaintiffs, and they play a role in enforcing laws where violations are alleged to have occurred. However, the road to plaintiffs' recovery in litigation is littered with a number of issues that can derail a case before it truly starts, not the least of which is that plaintiffs in many cases cannot prove actual damage, and may actually lack standing to bring an action. Moreover, even if the case clears this hurdle, many class actions fail the certification requirements because of issues unique to litigation. This article examines the common theories of litigation, the issues faced by plaintiffs, and examines class action issues generally, as well as some class issues that are unique to litigation. While cases have had mixed success, the increased importance of information, coupled with increased public attention, and the ever-increasing number of laws guarantees that we will be stepping off of the precipice and into litigation.
Search from 250 M+ research papersSearch from 250 M+ research papers
Open Access
Jun 1, 2017
Sebastien Gay 
