As the well-known proverb provides, “no good deed goes unpunished.” On March 8, 2018, the U.S. Court of Appeals for the Ninth Circuit unfortunately lent support to that theory when it reversed dismissal of a consumer data-breach class action against online retailer Zappos.com (Zappos), a victim of a cybersecurity breach, in part because Zappos recommended after the breach that its customers whose personal information was compromised change their passwords. According to the Ninth Circuit, Zappos’ recommendation was effectively an admission that its customers faced a risk of fraud from the breach that was sufficient to give them standing to sue under Article III of the U.S. Constitution. The Zappos decision highlights a growing split among courts of appeals as to whether a corporate cybersecurity-breach victim’s efforts to assist its customers in the wake of the breach should weigh in favor of those customers’ standing to sue. Continue to read the full article.
Stay Up To Date with Ropes & Gray
Ropes & Gray attorneys provide timely analysis on legal developments, court decisions and changes in legislation and regulations.
Stay in the loop with all things Ropes & Gray, and find out more about our people, culture, initiatives and everything that’s happening.
We regularly notify our clients and contacts of significant legal developments, news, webinars and teleconferences that affect their industries.