•  
  •  
 

University of Miami Law Review

Abstract

Despite the increasing amount of data breaches, there is no liability for parties who do not adequately protect victim’s information. In federal court, plaintiffs must show that their injury was concrete, particularized, and imminent. But, when plaintiffs’ information has been stolen, but not yet criminally used, they may be unable to establish a right to relief. Victims face challenges when seeking damage for this future harm, because despite their destroyed privacy, they may not have evidence of a perpetrator’s actual misuse of purloined data. This Article analyzes multiple court decisions, generally in the setting of class-actions, and discusses outcomes of data breach litigation. It then considers whether some courts have embraced an overly restrictive view of standing in these cases.

COinS