Oct 06

Standing on the Spectrum of Data Breach Harm

In another victory for class-action data theft/breach plaintiffs, last week in Enslin v. The Coca-Cola Co., the Eastern District of Pennsylvania denied a motion to dismiss the case for lack of standing. There, Shane Enslin sued the Coca-Cola Company and various other Coca-Cola entities (“Coke”)… Read More

Jul 20

Is there a “Constitutional Right to Informational Privacy”?

This post originally appeared on Montgomery McCracken’s Data Privacy and Cybersecurity blog, Data Privacy Alert. Only July 8, 2015, the National Treasury Employees Union filed the second class action against (now former) OPM Director Archuleta stemming from the massive OPM data breach.  While the plaintiffs… Read More

Jun 04

Allegheny County Judge Rules that Pennsylvania Does Not Recognize Negligence Claims in Data Breach Actions

A Pittsburgh-area judge recently ruled that Pennsylvania does not recognize negligence claims in data breach lawsuits. Dittman v. UPMC, No. GD-14-003285 (Pa. Ct. Com. Pl., Allegheny Cnty., May 28, 2015). The case centers on a data breach in 2014 involving the University of Pittsburgh Medical… Read More

Mar 20

When Does a Hack Become a Compensable Harm in Federal Court?

This guest post was co-authored by Montgomery McCracken partner Michael B. Hayes and associate David F. Herman, both of the firm’s Litigation Department. Michael can be reached at 215.772.7211 or at David can be reached at 215.772.7614 or at No business wants to… Read More

Jun 17

Another Post-Clapper Data Privacy Breach Case Dismissed for Lack of Standing

The U.S. Supreme Court’s decision in Clapper v. Amnesty International USA, 133 S. Ct. 1138 (2013), continues to be relied on by federal courts to hold that “mere loss of data” or “increased risk of identity theft” in a data breach case does not constitute… Read More