• PRO
  • Events
  • About Blog Popular
  • Login
  • Register
  • PRO
  • Resources
    • Latest updates
    • Q&A
    • In-depth
    • In-house view
    • Practical resources
    • FromCounsel New
    • Commentary
  • Research tools
    • Global research hub
    • Lexy
    • Primary sources
    • Scanner
    • Research reports
  • Resources
  • Research tools
  • Learn
    • All
    • Masterclasses
    • Videos
  • Learn
  • Experts
    • Find experts
    • Influencers
    • Client Choice New
    • Firms
    • About
    Introducing Instruct Counsel
    The next generation search tool for finding the right lawyer for you.
  • Experts
  • My newsfeed
  • Events
  • About
  • Blog
  • Popular
  • Find experts
  • Influencers
  • Client Choice New
  • Firms
  • About
Introducing Instruct Counsel
The next generation search tool for finding the right lawyer for you.
  • Compare
  • Topics
  • Interviews
  • Guides

Analytics

Review your content's performance and reach.

  • Analytics dashboard
  • Top articles
  • Top authors
  • Who's reading?

Content Development

Become your target audience’s go-to resource for today’s hottest topics.

  • Trending Topics
  • Discover Content
  • Horizons
  • Ideation

Client Intelligence

Understand your clients’ strategies and the most pressing issues they are facing.

  • Track Sectors
  • Track Clients
  • Mandates
  • Discover Companies
  • Reports Centre

Competitor Intelligence

Keep a step ahead of your key competitors and benchmark against them.

  • Benchmarking
  • Competitor Mandates
Home

Back Forward
  • Save & file
  • View original
  • Forward
  • Share
    • Facebook
    • Twitter
    • Linked In
  • Follow
    Please login to follow content.
  • Like
  • Instruct

add to folder:

  • My saved (default)
  • Read later
Folders shared with you

Register now for your free, tailored, daily legal newsfeed service.

Questions? Please contact [email protected]

Register

Managing legal risks: trends in data privacy & security class action litigation (fourth quarter 2013)

Bryan Cave Leighton Paisner (Bryan Cave)

To view this article you need a PDF viewer such as Adobe Reader. Download Adobe Acrobat Reader

If you can't read this PDF, you can view its text here. Go back to the PDF .

USA February 27 2014

Managing Legal Risks:
Trends in Data Privacy & Security
Class Action Litigation
Publication Date: February 2014
Authors: Shahin Rothermel & David Zetoony
Scope: Fourth Quarter 2013
Page 2 of 9
Managing Legal Risks:
Trends in Data Privacy & Security Class Action Litigation
(Fourth Quarter 2013)
Executive Summary
This report analyzes data-related class action complaints filed against private entities between October and December 2013 (Q4). The following are key findings concerning complaints over this period:
 A total of 145 data-related class action complaints were filed during Q4.
 Consistent with previous quarters, the majority of complaints (84%) involve data privacy (i.e., collection, use, and sharing) as opposed to data security (i.e., safeguarding) (16%).1
 Telemarketing remained the most common primary legal theory alleged (63%).2
 The United States District Court for the Northern District of Illinois (31%) replaced the Northern District of California (11%) as the most popular federal forum. California (3%) replaced Illinois (2%) as the most popular state forum.
 In terms of industry sectors, health (18%), debt collection (14%), and retail (12%) received the largest number of complaints.
 90% of complaints allege putative national classes, an increase from 68% in the previous quarter.
 Consumers’ contact information was the leading type of data at issue, with mobile phone numbers being the largest category (37%).
 Approximately 82 plaintiffs’ firms were involved in data-related litigation. While a few firms were involved in two or more cases, Edelman, Combs, Latturner, & Goodwin, LLC, filed substantially more cases than other plaintiffs’ firms. With one exception, however, complaints filed by the Edelman firm alleged violations of the TCPA.
Part 1: Primary Legal Theories
The majority of complaints (84%) focused on data privacy related issues – such as the propriety of a company’s collection, intentional sharing, or use of information. Data security – the protection of information from unintentional access or acquisition – was the primary focus in 16% of complaints.
1 See Methodology Section for discussion of the reliability of comparison between quarters.
2 For a discussion of class action litigation involving the TCPA see Gajewski & Zetoony, Managing Legal Risks: Trends in Mobile, Text Message, Fax, and Telephone TCPA Class Action Litigation (Sept. 2013).
Page 3 of 9
This is relatively consistent with the proportion of privacy and security complaints observed throughout 2013.
The largest category of complaints continue to relate to alleged telemarketing violations under the TCPA (63%). The next largest categories involved the Fair Credit Reporting Act (“FCRA”) (9%), and breach of contract (5%).
Part 2: Volume of Litigation
A total of 145 complaints were filed during the period. Although there were more privacy complaints filed in each month of the quarter, the number of complaints involving data security
Page 4 of 9
increased slightly during the second half of Q4, during which time the number of complaints involving data privacy decreased slightly. The following chart shows the quantity of litigation in Q4.
Part 3: Favored Courts
The number of complaints filed in the Northern District of Illinois have remained high (31%), although fewer complaints were filed in Illinois state court (2% of complaints) than in California state courts (3% of complaints). The following chart shows the courts in which complaints were filed.
Page 5 of 9
Part 4: Litigation By Industry
Almost every industry has been targeted by class action plaintiffs, although the number of class action complaints against retail (home goods, retail general, and fashion/clothing), health-related companies (18%), and debt collectors (14%) remained particularly high. The following chart provides a breakdown of complaints by the defendant’s industry.
Part 5: Scope of Alleged Class (National v. State)
As indicated in the following chart, a large majority of complaints (90%) alleged a putative class that is national in scope (even if it also alleged one or more single-state subclasses).
Page 6 of 9
Part 6: Variety of Legal Theories Alleged
Complaints filed during the period alleged 16 legal theories. The following chart provides a breakdown of all of the legal theories alleged. The percentages collectively exceed 100% as many complaints include more than one legal theory.
The theories alleged in class action complaints in Q4 were more concentrated than in prior periods, with TCPA as the most common theory alleged (63%).
Part 7: Data Fields At Issue
Complaints filed during the period involved approximately 11 different types of data. The most common fields at issue were consumer mobile phone numbers (37%), fax numbers (23%), and credit and debit card information (10%). The following chart provides a breakdown of the complaints by the primary data field at issue.
Page 7 of 9
Part 8: Plaintiffs’ Firms
Approximately 82 plaintiffs’ firms were involved in filing the class action complaints during the period; most firms filed less than 4 complaints. Edelman, Combs, Latturner, & Goodwin, LLC filed significantly more data security and privacy class-action complaints (30) in Q4 than most other plaintiffs’ firms.
Part 9: Methodology
Bryan Cave’s previous whitepaper analyzing data privacy and security class action litigation trends followed the practice cited by other researchers who have analyzed trends in data-related class action complaints of using Westlaw’s “Pleadings” database. See, e.g., Sasha Romanosky, et. al., Empirical Analysis of Data Breach Litigation, 11 J. Empirical Legal Stud. 74, at 82 (2014) (concluding that Westlaw Pleadings coverage should not create a significant selection bias). This quarter, however, we expanded the universe of cases to include those identified in either the Westlaw Pleadings database or the Westlaw Dockets database. The latter source significantly expanded the quantity of complaints identified for the quarter. In light of the additional source of complaints, comparisons of the total volume of complaints filed in Q4 with those identified in Q1-Q3 (which involved searches of only Westlaw Pleadings) may not be appropriate. While this report does include relative comparisons between quarters, those comparisons may also be subject to selection biases.
Complaints included within the data analyzed by this report were identified within the Westlaw Pleadings and Dockets library as containing the phrase “class action,” derivations of the phrases “personal information” or “personal data,” and either the term “breach,” “privacy,” or “security.” Searches were also run to identify any class action complaints filed during the period that specifically referenced the Telephone Consumer Protection Act (“TCPA”), the Children’s Online Privacy Protection Act (“COPPA”), the Controlling the Assault of Non-Solicited Pornography and Marketing Act (“CAN-SPAM”), the Health Insurance Portability and Accountability Act (“HIPPA”), the Video Privacy Protection Act (“VPPA”), the Fair Credit Reporting Act (“FCRA”), the Electronic Communications Privacy Act (“ECPA”), and point-of-sale (“POS”) statutes, including the Song Beverly Credit Card Act. These cases were then reviewed for relevanceand
Page 8 of 9
complaints alleging suit against government entities were excluded. As stated above, this report covers those complaints filed in the fourth quarter of 2013.
Page 9 of 9
ABOUT THE AUTHORS
Shahin Rothermel is a member of the firm’s
antitrust, competition, and consumer protection
group and routinely assists clients with data security
and data privacy issues.
Bryan Cave LLP
Washington D.C.
[email protected]
202-508-6206
David Zetoony is the leader of the firm’s
consumer protection group. David’s practice
focuses on advertising, data privacy, and data
security.
Bryan Cave LLP
Washington D.C.
[email protected]
202-508-6030
Bryan Cave LLP
Bryan Cave is a leading international law firm with offices in 24 cities and 12 countries. The firm
routinely defends clients in private litigation and regulatory enforcement actions, and provides advice and
counseling concerning legal compliance.
In addition to providing analysis based upon years of experience, Bryan Cave analyzes data in order to
identify legal trends and leading indicators of legal risk.
If you would like to receive future consumer protection informational publications automatically, please
contact [email protected] Any questions or comments concerning this report, or
requests for permission to quote, or reuse it, should be addressed to the authors above.

 

 

 

Bryan Cave Leighton Paisner (Bryan Cave) - Shahin O. Rothermel

Back Forward
  • Save & file
  • View original
  • Forward
  • Share
    • Facebook
    • Twitter
    • Linked In
  • Follow
    Please login to follow content.
  • Like
  • Instruct

add to folder:

  • My saved (default)
  • Read later
Folders shared with you

Filed under

  • USA
  • Capital Markets
  • IT & Data Protection
  • Litigation
  • Bryan Cave Leighton Paisner (Bryan Cave)

Topics

  • Data security
  • Information privacy
  • Class action
  • Telemarketing

Laws

  • Fair Credit Reporting Act 1970 (USA)

Courts

  • US District Court for Northern District of Illinois

Popular articles from this firm

  1. New Security Standard for PINS Will Give Retailers Less Costly Processing Options *
  2. Consumer Class Actions Take a Hit: Court Holds Made-For-Outlet Products Not Deceptive *
  3. Berman Amendment? What Berman Amendment?? *
  4. Your rehired employee may be eligible under FMLA before 12 months *
  5. New Mortgage Servicing Rules for “Successors in Interest” *

If you would like to learn how Lexology can drive your content marketing strategy forward, please email [email protected].

Powered by Lexology

Related practical resources PRO

  • How-to guide How-to guide: How to develop, implement and maintain a US information and data security compliance program (USA) Recently updated
  • How-to guide How-to guide: How to manage your organization’s data privacy and security risks (USA) Recently updated
  • How-to guide How-to guide: How to draft a privacy policy, and privacy and data security provisions in contracts (USA) Recently updated
View all

Related research hubs

  • Class action
  • USA
  • Capital Markets
  • Litigation
Back to Top
Resources
  • Daily newsfeed
  • Commentary
  • Q&A
  • Research hubs
  • Learn
  • In-depth
  • Lexy: AI search
  • Scanner
Experts
  • Find experts
  • Legal Influencers
  • Firms
  • About Instruct Counsel
More
  • About us
  • Blog
  • Events
  • Popular
Legal
  • Terms of use
  • Cookies
  • Disclaimer
  • Privacy policy
Contact
  • Contact
  • RSS feeds
  • Submissions
 
  • Login
  • Register
  • Follow on Twitter
  • Follow on LinkedIn

© Copyright 2006 - 2023 Law Business Research

Law Business Research