SCOTTSDALE, Ariz.—Retailers may have a new reason to beef up their data security standards—consumer class-action lawsuits.
Numerous class-action lawsuits have been filed on behalf of consumers against retailers that failed to protect their personal data. But, so far, courts have tossed most of the data-breach class-action lawsuits, writes Edward Iwata in Third Certainty.
Iwata explained that judges have found that “a general fear of future identity theft” is not enough to establish concrete harm. However, he noted, that might change soon.
“A federal ruling in July involving a Neiman Marcus data breach may give hope to consumers—and create more sleepless nights for senior executives and directors at companies whose networks get hacked,” Iwata said.
The 7th U.S. Circuit Court of Appeals, overturning a U.S. District Court ruling, found that 350,000 customers “should not have to wait for hackers to commit credit-card fraud or identity theft” before concrete harm takes place.
“The three-judge panel in Chicago allowed the class action to go forward, and also found that 9,200 Neiman Marcus customers with fraudulent charges on their credit cards had suffered actual injury,” Iwata explained.