By Ross Todd, from The Recorder
SAN FRANCISCO — A federal judge in New Orleans on Monday knocked out a proposed class action against eBay Inc. stemming from a 2014 data breach at the auction website.
Siding with the company’s lawyers at Cooley, U.S. District Judge Susie Morgan of the Eastern District of Louisiana found eBay customer Collin Green lacked standing because his claims were tied to an increased risk of future identity theft rather than any ongoing fraud.
“The mere fact that plaintiff’s information was accessed during the data breach is insufficient to establish injury-in-fact,” Morgan wrote in a 14-page decision. “Thus, the potential threat of identity theft or identity fraud, to the extent any exists in this case, does not confer standing on plaintiff to pursue this action in federal court.”
Morgan’s decision runs counter to an opinion issued last September by U.S. District Judge Lucy Koh of the Northern District of California. Koh allowed a lawsuit stemming from a 2013 data breach at Adobe Systems Inc. to move forward finding that plaintiffs had alleged “a concrete and imminent threat of future harm.”
Morgan noted Koh’s Adobe decision in a footnote along with two other cases where federal judges found plaintiffs in such cases had standing to sue. But Morgan concluded that her decision was “in line with the weight of authority” that the risk of future harm arising from a data breach is not sufficient to establish standing.
EBay advised users to change their passwords last May after unknown individuals accessed files containing their names, encrypted passwords, birthdates, email addresses, addresses and phone numbers. EBay users’ credit card and bank information was not subject to the breach. Green’s lawyers at O’Bell Law Firm in Metairie, La., sued eBay in July alleging negligence, violations of the Stored Communications Act and the Fair Credit Reporting Act, breach of contract, and state law privacy claims.
Green’s lawyer, Charles Zimmer II, said Monday that he was reviewing the decision. He said the ruling is part of a “wave” of decisions that read the U.S. Supreme Court’s 2013 decision in Clapper v. Amnesty International as foreclosing damages claims from the threat of future identity theft.
“It’s hard to convince courts that there’s value there, even though people are risking jail time to steal this information and governments and companies are spending lots of money to prevent it,” Zimmer said.
Cooley partner Michael Rhodes, eBay’s lead lawyer, was out of the office Monday and unavailable to comment. A company spokesman didn’t respond to a request for comment.
For more on this story go to: http://www.therecorder.com/id=1202725474972/EBay-Beats-Back-DataBreach-Suit#ixzz3ZHQysVSW