Businesses have revolutionized the way they reach customers. Through computers, smart phones, iPads and a host of other technologies, we can now make purchasing decisions from the comfort of our homes. All we need to do is enter our personal information and our credit card data, and one click later that product magically appears at our doorstep, ready to be used.
But the convenience brought to us by the technological revolution comes with its vices. Our personal information is handed over to businesses, sometimes without our knowledge, and those businesses can then track our online activities, ranging from websites we frequent, to what products we purchase, to what we “mouse-over,” and a host of other things. They then store that information to one day use to their advantage in marketing efforts.
Unfortunately, hackers also have an interest in our personal information, in particular, our credit card information. All too often we hear of a data breach in which the personal information of thousands individuals was stolen.
On the Legal Front
The natural outcome of cyber security lapses is the current wave of privacy class actions. Plaintiffs’ counsel are opening their toolboxes in new areas, adapting class action models in the privacy space. Already, a number of high-profile class actions have been filed against businesses that have been the victims of data breaches, including Target, Michaels and Sony. Interestingly, some of these class action suits have been successful. Of note, in Avmed, plaintiffs settled a privacy class action for $3 million. The settlement provided for payments to all victims of a data breach, including those who have not suffered monetary losses due to actual identity theft.
Now, in the wake of Avmed, comes ComScore, a $14 million privacy class action settlement (pending court approval). In ComScore, the plaintiff class consists of thousands of individuals who claim ComScore tracked their activities and then sold their private information to third parties. It is alleged that ComScore, through innocuous tracking software loaded onto plaintiffs’ computers when plaintiffs’ downloaded screensavers, music programs or gaming applications, collected information concerning the plaintiffs’ online activities, including Internet searches, products purchased, ad clicks and frequency of website visits. This information was then transferred to ComScore, which sold it to third parties.
Although the estimated payout from ComScore will be approximately $200 to each plaintiff, $4.6 million of the $14 million settlement will be allocated to pay plaintiffs’ attorneys’ fees, highlighting the potential value being unlocked by plaintiffs’ counsel through privacy class actions.
With plaintiffs’ counsel settling privacy class actions for millions of dollars, we are certain to see an increase in high-profile actions as plaintiffs’ counsel surf the wave to the bank. To combat these high-profile privacy class actions, general counsel and defense counsel need to adapt traditional defense tactics, such as lack of commonality, to defeat the certification of a privacy class.