Reuters reported that Judge Lucy Kohl ruled that “the plaintiffs could try to show that liability limits in Yahoo’s terms of service were “unconscionable,” given the allegations that Yahoo knew its security was deficient but did little.” The March 12, 2018 article entitled “Data breach victims can sue Yahoo in the United States” included these comments about Judge Kohl’s (US District Judge, Northern District of California) ruling:
Yahoo was accused of being too slow to disclose three data breaches that occurred from 2013 and 2016, increasing users’ risk of identity theft and requiring them to spend money on credit freeze, monitoring and other protection services.
The breaches were revealed after New York-based Verizon agreed to buy Yahoo’s Internett business, and prompted a cut in the purchase price to about $4.5 billion.
A Verizon spokesman had no immediate comment on Monday. A lawyer for the plaintiffs did not immediately respond to requests for comment.
This will be a important case to follow given the cybercrime and reliance on Terms of Service (ToS), Click Agreements, and Privacy Policies that are never read!