The U.S. Supreme Court on Monday denied the petition for certiorari seeking review of the U.S. Court of Appeals for the Ninth Circuit's most recent decision in Spokeo v. Robins (Spokeo II), foregoing an opportunity to clarify the confusion that has ensued since the Supreme Court's 2016 decision in Spokeo (Spokeo I) on the issue of Article III standing. In Spokeo I, the Supreme Court held that intangible injury may satisfy the "concrete injury" requirement for standing, but lower courts have since struggled to apply the Court's holding.

In Spokeo I, the Supreme Court held that Article III standing's concrete injury element may be met by a showing of "intangible" harm, and that violation of a statutory procedural right, therefore, may satisfy this element. The Court explained that "both history and the judgment of Congress" play important roles in the determination of whether an intangible injury in fact satisfies the concreteness element. The Court then remanded the case to the Ninth Circuit for analysis of whether the plaintiff's claim—under the Fair Credit Reporting Act (FCRA) for Spokeo, Inc.'s generation of a web profile of plaintiff containing alleged inaccuracies—was supported by an allegation of concrete harm. (Our previous alert on Spokeo I may be found here.)

Following Spokeo I, lower courts have reached a variety of results applying the Supreme Court's holding in cases involving alleged intangible harm. These cases have frequently involved alleged procedural violations of consumer protection statutes, such as the FCRA and the Telephone Consumer Protection Act, as well as the alleged "risk of harm" to consumers following data breaches. (For our previous alerts discussing lower court decisions in the wake of Spokeo I, see here and here.)

In Spokeo II, on remand from the Supreme Court, the Ninth Circuit concluded that the plaintiff sufficiently alleged a concrete injury, reasoning that the alleged inaccurate information Spokeo published about him—including material inaccuracies about his age, marital status, education, wealth level, and profession—demonstrated harm to the real-world interests Congress sought to protect through the FCRA, such as the plaintiff's employment prospects. (Our previous alert on the Ninth Circuit's decision in Spokeo II can be found here.)

Spokeo thereafter sought certiorari from the Supreme Court for a second time, arguing that its decision in Spokeo I had resulted in "confusion among the scores of lower court decisions that have taken very different approaches" in applying the decision. Numerous amici filed briefs in support of Spokeo's cert petition.

In a one-line order, the Supreme Court denied Spokeo's cert petition, but that may not be the Court's last word on standing this term. Still pending before the Court is a petition for certiorari in CareFirst v. Attias, a data breach class action stemming from the hacking-facilitated theft of personal information for approximately 1.1 million policyholders. CareFirst is seeking review of the reversal by the U.S. Court of Appeals for the District of Columbia Circuit of a district court order dismissing the data breach class action on standing grounds. The Supreme Court will consider the cert petition in Attias at its next conference, which is scheduled for February 16. (Click here for our prior Alert on Attias and here for a discussion of Attias in CyberAdviser—our new privacy and cybersecurity blog.)

In the meantime, lower courts will be left to wrestle with application of the Spokeo I concreteness standard in cases involving the disclosure of personal information protected by law.

Members of Ballard Spahr's Privacy and Data Security Group provide a full range of counseling, transactional, regulatory, investigative, and litigation services across industry sectors and help clients around the world identify, manage, and mitigate cyber risk. Our team of nearly 50 lawyers across the country includes investigators and advocates with deep experience in cyber-related internal and governmental investigations, regulatory compliance and enforcement matters, cyber-related crisis management, and civil and criminal litigation.

Ballard Spahr's Consumer Financial Services Group is nationally recognized for its guidance in structuring and documenting new consumer financial services products, its experience with the full range of federal and state consumer credit laws, and its skill in litigation defense and avoidance.


Copyright © 2018 by Ballard Spahr LLP.
www.ballardspahr.com
(No claim to original U.S. government material.)

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, including electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the author and publisher.

This alert is a periodic publication of Ballard Spahr LLP and is intended to notify recipients of new developments in the law. It should not be construed as legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general informational purposes only, and you are urged to consult your own attorney concerning your situation and specific legal questions you have.