Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: Ninth Circuit

Posted in Consumer Privacy, Privacy & Security Litigation

The Ninth Circuit Revives Consumer Class Action, Finding Intangible Harm Sufficient to Confer Article III Standing

The six-year fight over the type of harm a plaintiff must allege to satisfy the “injury in fact” requirement for lawsuits alleging false reporting of credit information took its latest turn this week. On Tuesday, August 15, 2017, the U.S. Court of Appeals for the Ninth Circuit, on remand from the United States Supreme Court, issued its opinion- hyperlink to the opinion] in Spokeo, Inc. v. Robins, a highly-watched case challenging whether a plaintiff can satisfy Article III standing based solely on a technical violation of the Fair Credit Reporting Act. Plaintiff Thomas Robins brought a putative class action for willful violations of the FCRA against Spokeo, Inc., a company that generates profiles about people based on publicly available data. Among other things, Robins averred that Spokeo published an allegedly inaccurate profile about him on its website and therefore harmed his employment prospects at a time when he was out of work. The Ninth Circuit’s three-judge panel held that the publication of materially inaccurate information about Robins sufficed as concrete injury for purposes of Article III standing, even without specific allegations of tangible harm from that publication.

Posted in Consumer Privacy, Privacy & Security Litigation

Justices Rule That Injury In Fact Must Be Concrete, Requiring More Than A Statutory Violation

On Monday, May 16, 2016, the Supreme Court of the United States issued its highly anticipated opinion in Spokeo, Inc. v. Robins, a case that examined the question of whether a plaintiff who sued for a technical violation of the Fair Credit Reporting Act could maintain Article III standing for a class action without claiming any real-world injury. The case before the Court involved a putative class action brought against petitioner Spokeo, Inc., a company that generates profiles about people based on information obtained though computerized searches. Respondent Thomas Robins was one of the people with a profile on Spokeo’s website. According to Robins, the information on that profile was inaccurate. Robins filed a class-action complaint against Spokeo in federal court, alleging violations of the FCRA, which requires consumer reporting agencies to “follow reasonable procedures to assure maximum possible accuracy of” consumer reports. The Ninth Circuit held that by alleging the violation of a statutory right Robins had satisfied the injury-in-fact requirement of Article III standing.

Posted in Privacy & Security Litigation

Ninth Circuit Rules Reasonable Suspicion of Criminal Activity Required before Forensic Examination of Electronic Device at Borders

On March 8th, the United States Court of Appeals for the Ninth Circuit, sitting en banc, held in United States v. Cotterman that the Fourth Amendment requires border agents to have at least a reasonable suspicion of criminal activity before they may conduct a forensic examination of a person’s electronic device. Hogan Lovells lawyers briefed and Hogan Lovells partner Chris Handman argued as amicus on behalf of the Constitution Project, a bipartisan, not-for-profit organization that promotes consensus-based solutions to the significant constitutional questions facing Americans in the 21st century.

Posted in Consumer Privacy

Ninth Circuit Extends the Protections of the ECPA to Foreign Citizens

On October 3rd, the Court of Appeals for the Ninth Circuit became the first appeals court to extend the protections of the Electronic Communications Privacy Act (“ECPA”) to non-U.S. citizens when it held in Suzlon Energy Ltd. v. Microsoft Corp. that the Stored Communications Act (“SCA”) provisions of the ECPA protect the confidentiality of all email communications stored in the United States, not just those of U.S. citizens. This broadening of the jurisdictional scope of the ECPA and SCA is likely to result in increased data privacy protection for foreign citizens, at least with regard to email communications that are physically stored on servers located in the U.S. In addition, the expanded scope of the law may simplify the process by which electronic communications service providers respond to requests for stored communications, likely alleviating the need to engage in an assessment of the citizenship of the data subject whose communications are sought.