No Harm, Still Foul: When an Injury-in-fact Materializes in a Consumer Data Breach

Benjamin C. West

Volume 69, Issue 2, 701-720

In the consumer data breach context, courts have seemingly limited a plaintiff’s ability to bring suit by applying the standing doctrine’s injury-in-fact requirement too rigidly. This is unacceptable, as the law of standing should not leave consumers without technology, without security, and without recourse. This Note challenges how courts currently apply the injury-in-fact element in consumer data breach actions, and proposes a new standard that better understands and considers previously overlooked harms that are incurred upon a breach.

This Note proceeds in four parts. Part I describes how courts currently approach standing in consumer data breach actions. Part II illuminates a plethora of real harms that current approaches fail to consider. Part III addresses foreseeable counterarguments. Lastly, Part IV urges courts to consider reforming current approaches by stressing how a better understanding of what constitutes a sufficient harm will ultimately provide adequate recourse to harmed consumers.

Full Article