Posts about Standing by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
Professor Danielle Citron and I have thoroughly revised our article, Privacy Harms, forthcoming 102 B.U. Law Review __ (2022). You can download the latest draft for free on SSRN. Some of the things we updated: We reordered the piece to discuss earlier on our theory of when harm should be required. We added a discussion of […]
I recently published a short essay with Professor Danielle Citron critiquing the recent Supreme Court decision, TransUnion v. Ramirez (U.S. June 25, 2021) where the Court held that plaintiffs lacked standing to use FCRA’s private right of action to sue for being falsely labeled as terrorists in their credit reports. The essay is here: Daniel J. […]
Friday’s U.S. Supreme Court decision, TransUnion v. Ramirez (U.S. June 25, 2021), prompted me to release this cartoon about privacy harms that I created a while ago. In TransUnion, a group of plaintiffs sued TransUnion for falsely labeling them as potential terrorists in their credit reports. The Supreme Court held that only some plaintiffs had standing […]
In a recent case, the U.S. Court of Appeals for the 11th Circuit weighed in on an issue that has continued to confound courts: Is there an injury caused by a data breach when victims don’t immediately suffer financial fraud? I wrote on this issue in an article with Professor Danielle Citron in 2018, Risk and Anxiety: […]
Professor Danielle Keats Citron (University of Virginia School of Law) and I have just posted a draft of our new article, Privacy Harms, on SSRN (free download). Here’s the abstract: Privacy harms have become one of the largest impediments in privacy law enforcement. In most tort and contract cases, plaintiffs must establish that they have […]
A recent case involving the Illinois Biometric Information Privacy Act (BIPA), Rivera v Google (N.D. Ill. No. 16 C 02714, Dec. 28, 2018), puts the ills of Spokeo Inc. v. Robins on full display. In Rivera, plaintiffs sued Google under BIPA, which prohibits companies from collecting and storing specific types of biometric data without people’s consent. The plaintiffs alleged that Google […]
Cybersecurity litigation is currently at a crossroads. Courts have struggled in these cases, coming out in wildly inconsistent ways about whether a data breach causes harm. Although the litigation landscape is uncertain, there are some near certainties about cybersecurity generally: There will be many data breaches, and they will be terrible and costly. We thus […]
Harm has become the key issue in data breach cases. During the past 20 years, there have been hundreds of lawsuits over data breaches. In many cases, the plaintiffs have evidence to establish that reasonable care wasn’t used to protect their data. But the cases have often been dismissed because courts conclude that the […]
When is a person harmed by a privacy violation? The U.S. Supreme Court just handed down a decision in an important case, Spokeo Inc. v. Robins. Plaintiff Thomas Robins sued Spokeo under the Fair Credit Reporting Act (FCRA) because Spokeo had inaccurate information about him in its profile. Spokeo’s profiles are used by potential employers […]
In an earlier post, I discussed some of the constitutional issues involved in ACLU v. NSA, –F.3d — (6th Cir. 2007). In this case, a panel from the 6th Circuit concluded that the ACLU and other plaintiffs lacked standing to challenge the Bush Administration’s warrantless wiretapping program conducted by the National Security Agency (NSA). The program is […]