Court Reinforces Need for Proof of Injury In Breach Cases
The U.S. District Court for the Northern District of Illinois dismissed a class action complaint arising from a credit card “skimming” attack suffered by Barnes & Noble in 2012, ruling that the plaintiffs failed to show injury.
Law360 reports that Judge John W. Darrah based his decision on the Supreme Court case Clapper v. Amnesty International, which established “a plaintiff must demonstrate that they have suffered an ‘injury in fact’ that is ‘certainly impending,’” noting that the plaintiffs’ “allegations of possible future injury fail to meet the test outlined by the Supreme Court,” among other reasons for dismissal.
Ropes & Gray attorneys Douglas H. Meal, Mark P. Szpak and Lisa Rachlin write, “In re Barnes & Noble PIN Pad suggests that data breach cases post-Clapper increasingly will be decided on standing grounds and that speculation of future harm will not suffice,” adding, “the impact of Darrah’s injury analysis reaches well beyond the causes of action asserted in In re Barnes & Noble PIN Pad and will extend to other claims, such as negligence and negligent misrepresentation, frequently asserted in the data breach context.”
Court: Debt Collectors' Cell Phone Calls Excluded from TCPA
A federal judge in Pennsylvania has ruled the Telephone Consumer Protection Act (TCPA) does not apply to debt-collection calls, even those made to cellular phones, insideARM reports. In Roy v. Dell Financial Services, the court relied on an earlier court decision that “all debt-collection circumstances are excluded from the TCPA’s coverage.” The decision conflicts with that of nearly all courts that have examined the issue, the report states. Most have found that calls made using automatic dialing systems violate the TCPA unless “prior express consent” has been given.
CA Bill Would Allow Kids To Erase Online Pasts
A California bill aims to address how to allow minors to recover from embarrassing online indiscretions, The New York Times reports. San Francisco-based advocacy group Common Sense Media is one group pushing for California users under the age of 18 to have the right to delete tweets, pictures, status updates and other material. “Kids and teenagers often self-reveal before they self-reflect,” the group’s chief executive said. The so-called eraser law, reminiscent of calls for a right to be forgotten in the pending EU data regulation, has critics warning that in trying to protect children, the law could lead companies to collect more information about customers to ensure they are under 18 and are in California. (Registration may be required to access this story.)
French Proposal Aims To Boost EU Tech Firms
France is pushing for the EU to adopt proposals that would see technology companies such as Google and Facebook regulated and taxed where customers use their websites, Financial Times reports. The proposals “could put Europe at loggerheads with the U.S., which has previously reacted angrily at attempts to impose greater regulation on the Internet.” Fleur Pellerin, France’s digital economy minister, said the campaign does not target American companies—though they are the ones on top, currently—but aims to “boost the ability of European actors to develop in Europe and gain positions that can compete on the same level playing field as the other international actors.” (Registration may be required to access this story.)
Industry, Policymakers Clash on Regulation Timeline
“Industrialists and diplomats have accused MEPs of rushing through data protection laws that they say would boost their electoral chances more than Europe’s economies,” EurActiv reports. At an event in Brussels on Tuesday, policymakers and industry representatives clashed over the EU draft regulation’s timeline, the report states, citing comments by the European Commission’s Paul Nemitz indicating companies that value their customers’ needs will not have issues with the new rules. “If you are operating cross-borders, your life is likely to become easier. Why? Because in the future, we’ll have one law in form of a regulation rather than 28 implementing laws based on a directive and we will have a consistency mechanism,” Nemitz said.
Australia Bar-Scanning Bill Raises Red Flags
The Guardian reports on a bill being considered that would require patrons of venues in Sydney’s Kings Cross to have their identity scanned and stored to monitor and enforce entrance bans on individuals who have committed serious crimes. The legislation would enforce ID scanning at 35 “high risk” venues and would collect names, dates of birth, addresses and photographs. Australia Privacy Foundation’s Roger Clarke said, “The measure doesn’t only affect the targeted individuals, it represents a serious imposition on all patrons of the venues that the government brings within its scope.”
If you want to comment on this post, you need to login.