S.D.N.Y: Plaintiffs Asserting Claims Based on Risk of Identity Theft Lack Standing
The Southern District of New York, recently, in Hammond v. The Bank of New York Mellon Corp., No. 08-6060, 2010 WL 2643307 (S.D.N.Y. June 25, 2010) joined other courts from around the country in holding that plaintiffs who bring claims based on the risk of identity theft lack Article III standing. In each case, including the 26 cases cited in Hammond, the plaintiffs’ claims were dismissed, either on a motion to dismiss or summary judgment.
In Hammond, the plaintiffs, after being notified that their personal information, contained on unencrypted back up tapes, had been “lost” while being transported by a third party, brought a putative class action asserting claims for breach of implied contract, breach of fiduciary duty, negligence, and violation of state consumer protection laws. Three of the seven named plaintiffs alleged that they actually had suffered “unauthorized credit transactions” after the tapes were lost, although they ultimately conceded that the charges were either reimbursed or unrelated to the tape loss. Bank of New York’s original motion to dismiss was denied. It then moved for summary judgment based on a lack of Article III standing and argued that the alleged emotional distress or increased risk of harm did not constitute legally cognizable harm.
Discovery in the case, particularly plaintiffs’ deposition testimony, demonstrated that the plaintiffs did not suffer any damages. The court, recognizing the apparent inconsistencies in its decisions on defendant’s motion to dismiss and plaintiffs’ motion for summary judgment, held that a finding that Article III standing exists at the motion to dismiss stage does not necessarily mean that it will be present at summary judgment.
Hammond is the latest in a long line of cases holding that the risk of identity theft is not a cognizable injury. Thus, dismissal in these cases is not an issue of “if,” but of “when.”
Click here to view previous posts on these and other related issues.
Tags: Data Security, Privacy