Sean McIntyre reports:
As reported in our 2017 Data Security Incident Response Report, plaintiffs allege potential future harm as a basis for injury in 80 percent of data breach lawsuits. But are allegations of future harm sufficient to meet Article III’s cases-and-controversies requirement, specifically with regard to the injury-in-fact element of standing? Despite the prevalence of these allegations, federal courts remain divided on the answer to this question as it applies in the data breach context.
This divide stems from differing interpretations of the Supreme Court’s 2013 decision in Clapper v. Amnesty International USA, which held that plaintiffs must show that future harm is certainly impending, or that they are at a substantial risk of future harm, to satisfy the injury-in-fact requirement of Article III standing.
Read more on BakerHostetler Data Privacy Monitor.