No good deed goes unpunished: Did P.F. Chang’s prompt notice of data breach create standing to sue?

On April 14, the court released its opinion in Lewert v. P.F. Chang’s China Bistro, Inc., holding that class plaintiffs may satisfy Article III standing by alleging both an increased risk of fraudulent charges and identity theft, as well as costs incurred in mitigating a future risk of harm. Although this is the second time the Seventh Circuit has addressed standing in this context, the case expands the court’s already generous standard. It also illustrates the difficult choices faced by companies whose systems are hacked. Read more >>

Class Definitions, Data Privacy and Cyber Security, U.S. Supreme Court

Sovereign immunity in the age of continuous cyber warfare

Major cyber-attacks on a U.S. corporation or government agency are becoming more and more common. The July 9, 2015, news of 21.5 million Social Security numbers stolen from the Office of Personnel Management (OPM) is the latest example — but surely will not be the last. Although each breach spawns new litigation, this latest example is a little different.

Unlike the recent attacks on corporations like Sony Pictures and Anthem, OPM has an additional and powerful defense: sovereign immunity. Two recent class action suits filed by labor unions against OPM will put the sovereign immunity defense to the test.

For more, click here.

Data Privacy and Cyber Security