Self-Driving Cars Are Almost Here, but Questions Remain

Ready or not, the driverless car era is upon us. And depending on whom you ask, some are more prepared than others to embrace automated vehicles.

Manufacturers—eager to establish themselves as top players in the emerging market—are investing billions of dollars in research and development and spending millions on government lobbying.

States, meanwhile, are rolling out competing autonomous vehicle regulations as they court technology companies and the cash cow potential driverless cars represent.

Disruptions from self-driving and flying cars will be widespread.

But while patchwork state regulations may be useful for finding out the best path forward in the driverless era, comprehensive federal regulations will likely be needed sooner rather than later to avoid state-to-state rule conflicts. At the same time, over-regulating the industry early on could dampen innovation right at the time growth is exploding.

Then there is the public, who, despite assurances that self-driving cars will vastly reduce accidents and lead to a brave new world of on-the-go leisure, expresses reservations about autonomous technology.

Public fear of the driverless car is not unfounded. Many have asked how automated vehicles should respond to the moral dilemma of whether it’s preferable to, say, run down pedestrians in a crosswalk or crash into a tree.

Whichever choice the car makes, it raises another question being hotly contested by lawyers and insurance brokers: who is responsible for the damages?

These are just a few of the issues that self-driving cars pose. As we move into the driverless era, numerous industries will be disrupted in a society that currently revolves around the personal, self-driven vehicle.

Self-driving cars are just the beginning, too. Companies are working on flying cars, which will open up a brand new Pandora’s box of regulatory, infrastructure, and legal questions.

The New Arms Race

Traditional auto manufacturers, newer electric car makers, auto suppliers, and tech companies are battling for supremacy in the emerging self-driving car market.

Navigant Research ranked 18 companies on the cutting-edge of self-driving technology based on criteria that includes vision, go-to market strategy, technology, and product quality.

The companies most likely to get their autonomous cars to market first, according to Navigant, are Ford, General Motors, Renault-Nissan, Daimler, and Volkswagen.

It’s no coincidence that each of the companies in the top-five are auto manufacturers. In fact, only two non-automakers crack Navigant’s top ten.

Navigant explains that car companies, unlike tech companies, have the manufacturing capabilities to mass produce self-driving cars. Navigant expects tech companies to eventually provide auto makers with autonomous technology.

This scenario is already playing out through strategic partnerships between Volvo and Uber, Waymo (Google) and Fiat Chrysler, BMW and Intel, and General Motors and Lyft. Since suppliers already provide auto makers with most of their vehicle parts, these types of partnerships are nothing new. The key difference is that self-driving cars will rely more on technology such as computer processors, cameras, radar, and software.

States Vie for Footholds in Self-Driving Industry

Autonomous vehicles represent a major new market opportunity not only for manufacturers, but for states that want to attract jobs and revenue from the emerging market.

California has long been seen as the most tech-forward state, but the Golden State’s penchant for strong regulations is creating an opening for others to take leadership roles in self-driving cars.

Different states have different claims to the self-driving throne. California’s Silicon Valley is where major tech players are headquartered. Michigan has its auto industry roots. Pennsylvania and Massachusetts are home to Carnegie Mellon University and MIT, respectively, two front-running institutions in driverless car research.

For now, states are serving as laboratories in the self-driving car experiment.

Other states, like Virginia, that have no natural industry connections, are seeing the opportunity that autonomous vehicles represent and attracting companies with friendly legislation and rulemaking.

Driverless cars, after all, can only stay on the test track for so long. They must be tested on roads, in real-life traffic, before they can be deemed ready for commercialization.

Virginia makes no bones about its aggressive sales pitch.

“We have no rules that prohibit autonomous vehicles, no law. A lot of states do. That’s intentional that we’re doing that,” said Virginia Transportation Secretary Aubrey Layne.

California, which is taking a more cautious approach, is working on the country’s most comprehensive self-driving car regulations. The state presumably wants a functioning regulatory system in place before self-driving cars go mainstream, but a potential downside of their strategy is stifling innovation.

California’s approach has “made it more difficult for the industry,” said Stan Caldwell of Carnegie Mellon. “They’re trying to keep it safe. But they can’t keep up with the technology curve.”

For now, a patchwork of state regulations may benefit growth as states compete and the most safe, effective regulatory solutions take shape in jurisdictional laboratories.

Florida, for example, passed legislation making it the first state to allow autonomous vehicles on roadways without a human backup driver, while it is now legal in Michigan to purchase autonomous cars.

Autonomous Vehicles Need Federal Regulations

At some point, the federal government will almost certainly have to impose nationwide self-driving car regulations that set basic performance and safety standards. Otherwise, manufacturers would have to produce vehicles with different standards in accordance with different state laws.

Joseph Okpaku, Lyft’s Vice President of Government Relations, told a congressional committee that “inconsistent and conflicting” state laws create “the worst possible scenario for the growth of autonomous vehicles.”

Federal law preempts state law wherever there is legal overlap. The National Highway Traffic Safety Administration (NHTSA) is the federal agency traditionally in charge of regulating vehicle performance.

Last September the NHTSA issued guidance that lays out automated vehicle performance guidelines and a 15-point model state policy. But the recommendations are strictly voluntary. They also leave many questions unanswered, such as the open-ended definition of an “operational design domain,” a safety assessment that proposes not allowing autonomous vehicles on public roads until the manufacturer tests under controlled conditions the different traffic and environmental variables the vehicle is likely to encounter.

Ford, GM, Uber, and Tesla poured millions into lobbying the federal government in the first quarter of 2017.

Weather is one operational design domain, although the NHTSA does not mention, for example, if a car intended for use in the South should be equipped to handle the ice and snow of New England. Vehicles also may or may not encounters variables like rock slides, busy pedestrian centers, and wildlife in the road. Should all vehicles be tested and prepared for all conceivable domains? If so, what testing criteria must manufacturers meet to prepare vehicles for these different scenarios?

Such discrepancies could likely be addressed via engineering tweaks for vehicles marketed in different regions. A simple software upgrade might be enough to make a vehicles sold in Arizona ready for a road trip to Alaska. But the broader point is that there are many gray areas to consider when crafting self-driving vehicle regulations.

Making matters even murkier, Elaine Chao, new head of the Transportation Department under President Trump, suggested early in her tenure that the Obama-era guidelines were too restrictive and would be revisited.

But if you follow the money, automakers and tech companies appear confident that federal regulations in some form are on their way. Ford, General Motors, Uber, Tesla, and others poured millions into lobbying the federal government on self-driving car policies in the first quarter of 2017 alone. Lobbying is taking place on the state level as well.

(Click below for page 2.)

Uber Uses Scare Tactics to Turn Drivers from Unions

Without the rights or voice that come with an employee classification, some Uber drivers are seeking union representation.

Uber loves to have their cake and eat it too. Especially when it comes to classifying their drivers.

Are Uber drivers employees? According to Uber, no, which is great, they argue, because it allows drivers to work on their own schedules. And, it happens to save Uber a ton of money by not having to pay minimum wage, sick days, and benefits like unemployment or health insurance.

But, unlike contractors, Uber drivers can’t set their own fares, and they are constantly at risk of being deactivated from the app.

Without the rights that come with an employee classification, nor the ownership and independence that freelancers enjoy, Uber drivers are stuck in a no man’s land without a voice, leading some drivers to seek representation from unions or drivers guilds. 

Judge Temporarily Blocks Seattle’s Collective Bargaining Law

Seattle is currently the battleground for Uber’s union fight. The city passed the For-Hire Driver Collective Bargaining Law at the end of 2015, the first of its kind that allows Uber and Lyft drivers to unionize.

Though limited to Seattle, the law could lead to changes throughout the country in how Uber and Lyft drivers are represented and which rights they are entitled to.

The U.S. Chamber of Commerce (which represents Uber) retaliated by suing the city, claiming that since drivers are contractors, they cannot organize. It would be an issue of price-fixing, they argued, if they had representation to advocate for minimum pay or higher fares.

Last week, a judge ruled in their favor, temporarily blocking the law from going into effect.

“A drivers guild may be a good start, but it’s unlikely that older union models would apply in the face of federal laws regarding independent contractors.”

Interestingly though, a separate federal lawsuit in New York argues that Uber is already guilty of price-fixing since they set the fares for their drivers, all of whom are contractors. 

We asked Ehsan Zaffar, a law professor at American University Washington College of Law, what his thoughts are on the matter. He believes that an entirely new regulatory structure needs to be created which would allow “drivers to pool resources and bargain collectively, while still allowing Uber and its drivers to partake in and fairly benefit from independent contractor provisions.”

“A drivers guild may be a good start, but it’s unlikely that older union models would apply in the face of federal laws regarding independent contractors,” said Zaffar.

Uber Launches Anti-Union Ad Campaign

Uber warns that a union could “essentially stalk drivers” to get them to join and pay dues, referring to them at one point as being “super scary.”

Recognizing the implications of Seattle’s law, Uber deployed a major PR campaign to influence drivers’ opinions on collective organizing.

The company aired TV commercials and made phone calls to drivers to convince them that a union would hurt drivers. Uber’s Seattle podcast even features entire anti-union episodes.

In one podcast episode, Brooke Steger, the General Manager of Uber in Seattle, passionately says that Teamsters, the union that is trying to represent drivers, is trying to “silence drivers.” In another episode, Steger warns that the union could “essentially stalk drivers” to get them to join and pay dues. She refers to them at one point as being “super scary.”

The podcast features comments from Uber drivers that echo the company’s message. Eric, an Uber driver, declares in one episode that “it’s so great that Uber is standing up for its drivers.”

However, it’s unclear how authentic Eric the Uber driver’s testimony is. He mentions in one episode that he is a member of the nonprofit Drive Forward that is fighting for the flexible rights of Uber drivers. If you read the fine print on their website though, you’ll see that the nonprofit was founded by Uber.

Uber’s primary argument that union representation could restrict drivers’ flexibility has been struck down by the Teamsters Union. The union claims that drivers would vote on proposed contracts and any changes in terms. 

Uber Drivers Don’t Have a Voice

If any group of workers needs the right to work together to improve their conditions, and to demand accountability from their employer, it’s Uber drivers.”

Whether or not union representation is the best course of action for Uber drivers remains to be seen, but it’s clear that something has to change to ensure drivers are treated fairly. 

Uber has used drivers’ contractor status to ensure they remain voiceless. 

“Uber drivers are managed by inscrutable and unfair algorithms, and have no way to raise any concerns with the company,” Tom Slee, author of What’s Yours is Mine: Against the Sharing Economy, told us. “If any group of workers needs the right to work together to improve their conditions, and to demand accountability from their employer, it’s Uber drivers.”

“Sharing Economy” is One-Sided for Uber Drivers

“The company is seeking a unique combination of control without responsibility.”

Right now, many Uber drivers are barely getting by, frequently making less than minimum wage, without a safety net for periods of low ridership.  

When Uber decides to offer discounted rides, drivers are forced to comply, even though it often means a cut in their earnings. Uber argues that promotions result in more passengers for drivers, but it also means longer hours. 

There have even been accounts of drivers seeing lower fares on their apps than the fares charged to passengers, causing some to believe that Uber is pocketing the difference.

Drivers are even subject to psychological “gaming” techniques to incentivize them to work longer hours, as a recent New York Times piece detailed. The app used to present drivers with a new passenger before they dropped off the one that was already in their car. Failing to accept at least 90% of rides, or receiving poor ratings—even if a driver doesn’t deserve them— are common grounds for sudden deactivation.

“Uber micro-manages its drivers through software, from tracking driving habits to firing drivers for low ratings. The company is seeking a unique combination of control without responsibility,” said Slee.

As contractors, drivers shoulder a huge amount of Uber’s business risk by not having a steady income or schedule, but they lack the true benefits of “flexibility” that the company likes to promote.

With the pending price-fixing lawsuits in Seattle and New York, and the ongoing employee misclassification class action lawsuits in California and Massachusetts, it’s now up to the courts to decide what exactly Uber is, and how their drivers should be rightfully defined under federal labor law.

 

GameStop Looks to Level Up Its Site’s Cybersecurity

It could be game over for GameStop shoppers.

The video game store GameStop has confirmed that it is investigating a potential data breach that may have occurred on its website between September 2016 and February 2017. The compromised data may include credit card numbers, verification codes, and expiration dates, as well as names and addresses.

In an email to Fortune, a GameStop spokesperson issued the following statement: “GameStop recently received notification from a third party that it believed payment card data from cards used on the GameStop.com website was being offered for sale on a website. That day a leading security firm was engaged to investigate these claims.”

GameStop also expressed regret for any concern the incident may have spurred, and reminded customers to monitor their credit cards for suspicious charges.

This alleged incident is just the latest attack to take place in the increasingly rocky cybersecurity landscape. If you or a loved one suffered financial losses that you believe were caused by a data breach, please contact us today for a free, no-obligation legal consultation.

1.4 Billion Records Breached in 2016

The potential GameStop breach is one of many high-profile incidents involving companies like Arby’s, Saks Fifth Avenue, Neiman Marcus, and of course Yahoo. These breaches finally prompted the state of New Mexico to enact cybersecurity legislation, leaving just two states—Alabama and South Dakota—without these types of laws on the books.

Even two states holding out is surprising given the ever-growing prevalence and threat of data breaches. Cybersecurity company Gemalto recently found that worldwide there were 1,792 breaches in 2016—an 86% increase from 2015. Roughly sixty percent of those breaches (1,100) occurred in the U.S.

The 1,792 global breaches compromised 1.4 billion records. Here are a few of Geralto’s other disturbing findings:

  • Identity theft was the most common type of breach, comprising nearly 60% of incidents.
  • Malicious outsiders—which only accounted for 13% of breaches in 2015—accounted for 68% of breaches in 2016.
  • Fewer than half (48%) of breached organizations reported the full extent of the breaches when they first announced them.

These figures paint a frightening picture: more and more, data breaches are carried out by someone with malicious intent, i.e., identity theft. And all too often, companies not only fail to protect their customers, but they don’t even disclose all (or any) of the details upon learning of the breach.

Gemalto Regional Director Graeme Pyper said, “Hackers are casting a wider net and are using easily attainable account and identity information as a starting point for high-value targets. Clearly, fraudsters are also shifting from attacks targeted at financial organizations to infiltrating large databases such as entertainment and social media sites.” 

Anthem Scares Off Data Breach Plaintiffs

Anthem, Inc. suffered a 2015 data breach that impacted as many as 78.8 million people. The compromised data allegedly included social security numbers, addresses, birthdates, income data, and medical IDs. Experts presume that the data has been sold or will be sold on the black market (which is common after a massive breach).

Anthem’s strategy in battling these lawsuits has been coldly effective.

Naturally, this breach resulted in several class action lawsuits filed by affected consumers. Anthem’s two-pronged strategy in battling these lawsuits has been brilliant and coldly effective.

First, Anthem has released as few details about the breach as possible, which could help the company preserve its innocence in court. Unlike Yahoo, for example, which acknowledged that it took more than a year for the company to announce its massive breaches—a blatant violation of California state law (among others).

Second, Anthem has demanded that plaintiffs turn over their personal computers, ostensibly to prove that any alleged breach did not occur prior to the Anthem incident. As a result of this request, many plaintiffs have dropped their lawsuits. (Many people feel squeamish about turning over their browser histories and other computer habits to a stranger, let alone an attorney.) So even if Anthem loses or settles these cases, the payout will be smaller than it would have been prior to this request.

Until these cases go to trial, we won’t know how many plaintiffs (if any) actually suffered breaches that were unrelated to the Anthem incident—or if Anthem can effectively make the case that these breaches were consumers’ faults, not the company’s.

But if this continues to be an effective strategy, one can expect more and more companies—including, potentially, GameStop—to adopt it in the future.

Saks, Arby’s Data Breaches Spur State Legislation

Data breaches aren’t going away anytime soon, and the latest rash of privacy violations has spurred not just consumer concern but state legislation.

This year has already featured major breaches at Saks Fifth Avenue, Arby’s, and JobLink.

U.S. data breaches hit an all-time high in 2016, with nearly 1,100 breaches—a 40 percent increase compared to 2015. They may peak again in 2017, with several high-profile breaches already endangering Americans’ private information.

This year has already featured major breaches at Saks Fifth Avenue, Arby’s, and JobLink. Those breaches may have compromised hundreds of thousands of consumers’ data.

These attacks also prompted the state of New Mexico—previously one of the few states with no data breach notification laws on the books—to finally enact a Data Breach Notification Act.

Free Case Review

Saks Breach Allegedly Threatens Tens of Thousands

As first reported by BuzzFeed News last week, Saks Fifth Avenue allegedly posted customers’ email addresses, phone numbers, IP addresses, and product codes (of the times they were interested in purchasing) on unencrypted pages on their website. If true, this vulnerability would have endangered the data of tens of thousands of customers.

“This is as bad as security gets. Everyone is vulnerable.”

A spokesperson for Canada-based Hudson’s Bay Company—which owns and runs the Saks website—told BuzzFeed News, “The security of our customers is of utmost priority, and we are moving quickly and aggressively to resolve the situation, which is limited to a low single-digit percentage of email addresses.”

The spokesperson added, “We have resolved any issue related to customer phone numbers, which was an even smaller percent.”

But cybersecurity expert Robert Graham told the site, “This is as bad as security gets. Everyone is vulnerable.”

As a result, many consumers are exploring data breach lawsuits against Hudson’s Bay Company. If you or a loved one have suffered financial or reputational damage as a result of this alleged breach, please contact us today to find out if you might qualify for compensation.

Neiman Marcus Settles Data Breach Lawsuit for $1.6M

Coincidentally, Saks owner Hudson’s Bay Company is reportedly in talks to merge with Neiman Marcus—which recently settled a data breach lawsuit filed by ClassAction.com attorney John Yanchunis for $1.6 million. (If the rumored merger occurs, it may be hard for customers to feel safe using their credit cards at Hudson’s Bay stores.)

The Neiman Marcus breach in December 2013 allegedly exposed the credit card information of 350,000 shoppers. Neiman Marcus claimed the number was much lower, just 9,200 accounts.

Under the terms of the settlement, each member of the class can receive up to $100, while class representatives may receive up to $2,500 for their service.

Mr. Yanchunis has established himself as perhaps the foremost data breach attorney in the country. Recently he was named lead plaintiffs’ counsel in the Yahoo data breach case—the largest class action lawsuit in history, one that includes more than a billion plaintiffs.

New Mexico Finally Passes Data Breach Law

In the wake of these large-scale breaches—along with those of Arby’s and JobLink, among others—the state legislature of New Mexico has finally enacted a piece of cybersecurity legislation: the Data Breach Notification Act, or H.B. 15. That act will now go to Governor Susana Martinez’s desk for her signature.

H.B. 15 states the following:

  • Companies and entities must dispose of personal identifying information once those records are “no longer reasonably needed for business purposes.”
  • Companies and entities must “implement and maintain reasonable security procedures and practices appropriate to the nature of the information to protect the personal identifying information from unauthorized access, destruction, use, modification or disclosure.”
  • Companies and entities must notify affected parties of a data breach within 45 days of learning of it. That said, no notice is required if the breach does not create “a significant risk of identity theft or fraud.” (“A significant risk” is something attorneys will presumably hash out in the courts.)
  • If a breach impacts more than 1,000 New Mexico residents, the attorney general and credit bureaus must also be notified.

If the above measures seem fairly common-sense, they are. All but three states—New Mexico, Alabama, and South Dakota—have similar data breach laws on the books. With New Mexico joining the rest of the country in the 21st century, that leaves just Alabama and South Dakota’s consumers relatively unprotected.

If you or a loved one fell victim to fraudulent credit card charges and/or identity theft as result of a data breach, contact an attorney today for a free, no-obligation legal consultation.

FCC Blocks Privacy Laws While Americans Ask For More

New FCC Chair Ajit Pai blocked the first of the internet privacy rules from going into effect, which required internet providers to protect consumers’ information and disclose data breaches.

Yahoo isn’t the only company that is too cavalier when it comes to your online privacy. In addition to companies left and right leaving your private information vulnerable to hackers, there are those that intentionally hand your personal details to third parties without your consent.

Last year, the Federal Communications Commission (FCC) passed legislation regulating how Internet Service Providers (ISPs) collect, share, and protect your online data. The rules require that companies like AT&T and Comcast ask you to “opt-in” before selling your personal details (like browsing history, location, and more) to advertisers. 

New FCC Chair Ajit Pai, a former Verizon attorney, blocked the first of the internet privacy rules from going into effect last week. The rules required ISPs to protect consumers’ information and disclose data breaches. Critics of the privacy rules, including Pai, argued that they were confusing and unfair because they would have resulted in websites like Google and Facebook being treated differently than internet providers.

“All actors in the online space should be subject to the same rules, and the federal government shouldn’t favor one set of companies over another,” one of Pai’s representatives said last week.

Putting “Corporate Interest Before Consumers”

It’s not about favoring one business over another. In response to Pai’s actions, Senator Edward Markey (D-Mass.) said that we cannot let the FCC “put corporate interest before consumers.”

Supporters of the rules point out that Google and Facebook are free services—as creepy as they sometimes are, it isn’t surprising that users are “paying” in some way. If Americans are uncomfortable with how these websites use their information, they have the ability to cancel their accounts. Internet providers are the “gatekeepers” though; it’s much more difficult for consumers to opt out of these services.  

These arguments aside, any regulation is better than none. While the FCC can hold companies accountable for violating online privacy agreements and using deceptive practices, they can only step in once harm has been done—often, it’s too little too late.

Verizon Fined $1.35 Million for Supercookies

When it comes to deceptive tracking, Verizon may be one of the worst offenders.

In 2015, it was discovered that Verizon installed supercookies on users’ devices which not only tracked phone activity (like websites visited, links clicked, etc.), but were also impossible to remove. The company installed the supercookies without consumer consent to collect information for advertisers.

Verizon “rectified” the situation by directing users to MyVerizon.com to delete the supercookie but this installed yet another cookie. Last year, the company paid a $1.35 million fine to the FCC for deceiving users.

Verizon’s actions are especially discomforting since Pai has a former history with the company.

Majority of Americans Want More Control Over Their Privacy

In a time that is characterized by partisan feuding, one thing that Americans can all agree on is that protecting their online privacy is important, and that the federal government needs stronger laws to protect consumers.

According to a PEW study published in September 2016:

  • 68% of Americans believe current laws are not strong enough to protect online privacy.
  • 74% say it is very important that they are in control of who can get information about them. 
  • 91% agree or strongly agree that consumers have lost control over how their information is collected and used by companies.

Tips for Maintaining Online Privacy

Unfortunately, without strict regulations consumers can only do so much to protect their information from advertisers and potential data breaches. However, you can enhance your privacy by following these steps wherever possible:

  • Change your passwords regularly (make sure they aren’t predictable) and use an app like LastPass to store them.
  • Check your browser’s privacy settings and disable location tracking, cookies, etc. as much as possible. (These are often hard to find. In Chrome, go to: Preferences→Settings→Advanced Settings→Content Settings.)
  • Regularly delete your web history and cookies. Note that this may remove your privacy settings on some platforms.
  • Browse privately using your browser’s incognito mode and use a search engine like DuckDuckGo that doesn’t track your searches.
  • Avoid linking sites, apps, and other accounts to Facebook or Google profiles—which track your activity across platforms—and log out of these accounts when you aren’t using them.
  • Check your app settings to monitor what types information they are collecting. For example, does your favorite game really need to access your contacts?
  • Assume you don’t have privacy and be mindful of what information you share online.

Our lives are so intertwined with the devices we use that this is just the tip of the iceberg for maintaining privacy. Check out The Guardian’s 21 tips for more.

If you were harmed by a data breach, you may be eligible for compensation. Contact ClassAction.com for a free, no-obligation legal review.

John Yanchunis Is Lead Counsel in Yahoo Data Breach Case

ClassAction.com attorney John A. Yanchunis will serve as Lead Counsel on the largest class action lawsuit in history—the Yahoo data breach that allegedly compromised the private data of hundreds of millions of people around the world.

In an order filed Thursday, February 9, 2017 in the Northern District of California, U.S. District Judge Lucy H. Koh appointed John A. Yanchunis of Morgan & Morgan and ClassAction.com to serve as Lead Plaintiffs’ Counsel and Chair of the Plaintiffs’ Executive Committee.

Read the Order

Four firms filed motions to serve as lead counsel: Morgan & Morgan, Kaplan Fox & Kilsheimer LLP, Kessler Topaz Meltzer & Check LLP, and Susman Godfrey LLP. At a hearing in San Jose before Judge Koh made her decision, Mr. Yanchunis argued that a large firm of Morgan & Morgan’s stature—with more than 300 attorneys at its disposal—would be the best choice to take on a case of such magnitude.

At a press conference Saturday, Mr. Yanchunis said, “Morgan & Morgan is the biggest law firm of its type in the country. We have the legal talent and financial strength to take on anyone in this country.”

Mr. Yanchunis also noted that Morgan & Morgan (motto: “For the People”) only represents consumers, and never large companies.

Yahoo’s 2013 data breach (announced last year) compromised the data of roughly one billion users. A separate breach in 2014 compromised the data of 500 million users.

Mr. Yanchunis said Saturday that the lawsuit will represent everyone in the world whose data was breached.

Yanchunis Heads Five-Person Executive Committee

The other firms that filed motions to serve as lead counsel argued that the case was not as complex as it appeared, despite its mammoth size. They also claimed that a single firm should work the case, instead of the committee of firms helmed by Mr. Yanchunis.

Judge Koh thought they made “excellent points,” but ultimately disagreed.

Joining Mr. Yanchunis on the Executive Committee are Gayle Blatt of Casey Gerry Schenk Francavilla Blatt & Penfield LLP, Stuart Davidson of Robbins Geller Rudman & Dowd LLP, Karen Riebel of Lockridge Grindal Nauen PLLP, and Ariana Tadler of Milberg LLP.

As Lead Counsel and the Plaintiffs’ Executive Committee, Mr. Yanchunis and the abovementioned attorneys must review and record all billing records and “impose and enforce limits on the number of lawyers assigned to each task,” among other key duties.

Lawsuit Seeks Tighter Security, Hundreds of Millions in Damages

At the press conference, Mr. Yanchunis cited the long gap between the breaches and their announcement as one of the most concerning aspects of Yahoo’s actions.

“Those breaches either remained undetected or Yahoo failed to inform the public [for years].”

“What’s alarming about this is that the first breach occurred in 2014, but Yahoo did not announce it until September of 2016,” Mr. Yanchunis said. “The breach announced in December occurred in 2013. And yet, those breaches either remained undetected, or Yahoo failed to inform the public about the breaches.”

He also noted that most states have laws on the books requiring companies to inform consumers of data breaches within 30 days of discovering them.

Mr. Yanchunis said the lawsuit will seek stronger cybersecurity measures from Yahoo “to make sure that this never happens again.” Moreover, for those who suffered financial losses as a result of the breach, the lawsuit will seek damages.

Asked how much those damages might total, Mr. Yanchunis said it’s too early to say, but likely in the hundreds of millions of dollars.

“It will be extensive,” he said.

Experience with High-Profile Breaches Proved Crucial

In determining whom to name Lead Counsel for the largest class action ever, Judge Koh weighed the following chief criteria:

  • “Knowledge and experience in prosecuting complex litigation, including class actions, data breach, and/or privacy cases”
  • “Willingness and ability to commit to a time-consuming process”
  • “Ability to work cooperatively and efficiently with others”
  • “Access to sufficient resources to prosecute the litigation in a timely manner”
  • “Commitment to prioritizing the interests of the putative class”

The first criterion, experience, may have clinched the win for Mr. Yanchunis. He and Morgan & Morgan previously litigated two massive data breach cases—the Home Depot Inc. and Target Corp. cases. Those lawsuits were settled for $19 million (Home Depot) and $10 million (Target), respectively.

Now Mr. Yanchunis and his team will take on the biggest breach of all, and aim to hold Yahoo accountable for allegedly endangering the privacies and identities of hundreds of millions of people.

The Regulatory Battles Uber Faces in 2017

In 2016, Uber unleashed a host of innovations: self-driving cars, UberFreight, and more. But with innovation comes new regulations—something Uber consistently demonstrates it doesn’t have the patience for.

Some cities and states believe that by siding with Uber, they are standing for innovation, while others are taking a more cautious approach and are trying to rein in the company. It has created a complicated legal landscape that is still trying to catch up with the new technology.

Here are some of the major legal issues we think Uber will wrestle with in 2017.

State Battles Over Self-Driving Legislation

In November 2016, the Department of Transportation created the first Federal Automated Vehicles Policy, leaving the manufacturing of self-driving cars to companies, and the development of laws and regulations to the states.

Though the document warns against states creating inconsistent legislation, it also says that “states may wish to experiment with different policies and approaches.”

These “experiments” have already been tested during Uber’s self-driving car pilots. In Pittsburgh, the pilot has been relatively uneventful, compared to San Francisco, where the company received a cease-and-desist letter from the Attorney General within two days of the pilot’s launch.

Uber refused to obtain an autonomous vehicle testing permit from the state—which only costs $150.

Uber refused to obtain an autonomous vehicle testing permit from the state—which only costs $150—arguing that their vehicles still required human drivers and therefore did not fit within California’s definition of self-driving. Making matters worse, cameras captured their autonomous cars running red lights and making unsafe turns in bike lanes.

Though Uber dismissed traffic violations as human error from their operators, in the end they shipped their cars to Arizona.

Arizona Governor Doug Ducey welcomed the company, saying, “While California puts the brakes on innovation and change with more bureaucracy and more regulation, Arizona is paving the way for new technology and new businesses.”

In addition to Arizona, Uber may also test their autonomous vehicle technology in Michigan this year. Though there haven’t been any announcements, the state just legalized self-driving cars without licensed drivers, steering wheels or brakes.

Without clear, consistent oversight, though, the legal skirmishes and unsafe driving that we saw in California will likely continue. Increased federal regulation is likely to come, but it may favor Uber and other autonomous vehicle manufacturers: Uber CEO Travis Kalanick and Elon Musk are both on the President-elect’s Strategic and Policy Forum.

Transit Partnerships Demand Greater Transparency

In 2016, some city officials cut back on public transit spending and began offering residents vouchers for Uber rides instead. These programs are often referred to as “First Mile Last Mile” since they replace the first and last few stops of a route where there are the fewest passengers.

Is it wise to give Uber even more power?

For a city’s budget, it often makes financial sense to replace low-traffic bus routes with subsidized Uber rides. Florida cities like Pinellas Park and Altamonte Springs (which pays 20% for all Uber rides within city limits) have done this and claim it’s a success.

It’s a worrisome trend, though, and may negatively affect citizens who rely on public transportation the most. Citizens who don’t own smartphones or credit cards can’t order a ride. And the disabled would likely have a harder time getting around, as it’s still difficult for passengers to find Uber drivers who can accommodate wheelchairs and guide dogs.

Swapping out bus routes for Uber rides also shifts the power away from local authorities to a private company. In addition to replacing public sector jobs with poor contract jobs (see below), it also limits government access to ridership data, which Uber considers confidential information.

New York City is currently battling this issue. The city requires drivers to report pick-up locations and times, but they want to extend this to include drop-off locations and times. Officials argue the data would be used to identify incidents of driver fatigue, but Uber thinks it’s an invasion of privacy.

At the moment Uber and Lyft are subsidizing U.S. ridership, and one day they’re going to start profiting from it.”

While New York City’s argument certainly has some holes, Uber hasn’t proven to be the best privacy protector: Former employees revealed last year that workers tracked the locations of ex-partners and celebrities.

More importantly, is it wise to give Uber even more power? What happens if Uber decides to end these partnerships and local cities are left without efficient bus or train routes?

And, as Slate author Henry Grabar points out, “At the moment Uber and Lyft are subsidizing U.S. ridership, and one day they’re going to start profiting from it.”

Drivers Push to Be Employees, Not Contractors

Will 2017 finally settle Uber’s longest fight, over whether drivers are employees or contractors?

The company has maintained that by classifying drivers as contractors they are providing them with the flexibility drivers desire. “Flexibility” is a common term the company uses to defend why they deny drivers basic employee rights, like informing them when fares are reduced or ensuring that drivers are paid at least the minimum wage.

Two pending class action lawsuits representing drivers in California and Massachusetts will lend weight to the classification debate.

U.S. District Judge Edward Chen rejected the $100 million settlement, saying that it was unfair to drivers.

In April 2016, Uber proposed a $100 million settlement that, if accepted, would have maintained drivers’ contractor status. But U.S. District Judge Edward Chen rejected the settlement, saying that it was unfair to drivers. (The two parties have since resumed negotiations.)

A new thorn for drivers is the Ninth Circuit Court of Appeal’s decision to uphold Uber’s arbitration agreements—an agreement that Judge Chen declared was “unconscionable.” The September 2016 decision ruled that drivers who joined Uber in 2013 and 2014 must settle their disputes in private arbitration, rather than class action lawsuits. This decision will likely disqualify thousands of drivers who were originally in Massachusetts and California’s employee misclassification suit.

ClassAction.com will continue to follow this debate to provide Uber drivers with the latest information on their worker classification and legal rights. If you are an Uber driver, contact us today with your legal questions.

VW Enters New Mobility Market With Moia Brand

Hoping to put the Dieselgate scandal in its rearview mirror, Volkswagen is focusing less on individual vehicle ownership and investing more in ride-hailing, autonomous driving, and electric cars.

MOIA’s focus is changing urban mobility.

These efforts will take place under Moia, a new standalone mobility services company.

Moia signals VW’s intent to compete with tech companies such as Google, Apple, and Uber as a provider of innovative transport solutions.

Volkswagen officially launched Moia at the Tech Crunch Disrupt technology event in London on December 5.

Moia (a Sanskrit word meaning “magic”) will operate as an independent brand under the VW umbrella, which also includes the brands Audi and Porsche.

Global Aspirations

 

The Moia brand is VW’s second step away from its traditional vehicle manufacturing business. In May, VW invested $300 million in Gett Inc., a ride-hailing company that operates in more than 100 cities.

Moia’s initial focus is on ride-hailing and on-demand pooling services. It also plans to introduce an electric car as soon as 2021. European pilot projects start in 2017, but Moia eyes an international market.

“Even though not everyone will still own a car in future, Moia can help make everyone a customer of our company in some way or another,” said Volkswagen CEO Matthias Mueller in a statement.

“We’re a startup with VW group’s resources and we have a global aspiration,” said Moia CEO Ole Harms. “Our sights are set on becoming one of the global top players for mobility services in the medium term.”

Automakers Facing Seismic Industry Changes

An industry that since its inception has focused on selling internal combustion vehicles to individual drivers is under technological assault.

Dieselgate may have been a blessing in disguise for Volkswagen.

Not only is the industry moving towards electric cars with automated features, it’s also facing a future in which drivers themselves are obsolete.

Companies like Uber and Lyft that provide on-demand ride hailing are obviating the need for personal vehicles. Under legal pressure to classify drivers as employees, Uber and Lyft may scrap drivers altogether and introduce driverless taxis. If they do, they’ll have competition from Google and Apple, which are investing heavily in driverless cars. Vehicles from Tesla, Volvo, Ford and other automakers already feature sophisticated automation systems and may be fully automated within a decade.

Volkswagen is a latecomer in this competitive, rapidly-changing, tech-driven environment. Daimler AG, for example, already has a car-sharing service as well as public-transit and cab hailing apps. General Motors is investing $500 million in Lyft and planning an on-demand network of self-driving cars.

While VW brand Audi offers car sharing in San Francisco and Hong Kong and plans to offer self-driving and fully electric cars in 2017 and 2018, overall VW lags behind the competition from an innovation standpoint.

Ironically, Dieselgate may have been a blessing in disguise for the world’s second-largest automaker. The scandal delivered a near-fatal blow to its “Clean Diesel” passenger car campaign, and VW now seeks a strategic revamp as a leaner, more efficient, and future-looking automotive company.

VW recently announced it would lay off 30,000 workers—5 percent of its global workforce—while adding 9,000 new technology positions.

Berlin-based Moia currently employs 50 workers and will have about 200 employees by the end of 2017. Volkswagen intends to generate a substantial share of its revenue from the startup by 2025.

ClassAction.com Attorneys File Data Breach Lawsuit Against Yahoo

Less than a week after Yahoo announced that a 2014 data breach had compromised the private information of 500 million users—and two months before Yahoo said that a separate 2013 breach had endangered the data of 1 billion usersClassAction.com attorneys filed a negligence lawsuit against the tech giant for failing to protect and inform consumers.

Lead plaintiff Edward McMahon filed the lawsuit in the Northern District of California on behalf of himself and all others similarly situated, leaving the door open for a class action.

The complaint argues that Yahoo failed to safeguard its users’ personal information: names, email addresses, passwords, phone numbers, security questions and answers, etc.

Read the Complaint

It also says that Yahoo did not provide timely, accurate, or adequate notice of the data breach, and alleges breach of implied contract and violation of the California Unfair Competition Law, Business & Professions Code.

“It’s inconceivable that Yahoo either failed to detect the breach for two years,” said attorney John Yanchunis, “or it knew of the breach in 2014 and intentionally disregarded the privacy interests of consumers and breach notification laws by failing to inform consumers of the breach for two years.”

Yahoo Breach Could Have Major Aftershocks

Cyber-security experts say the Yahoo breach could trigger a chain reaction in which tens or even hundreds of thousands more accounts are hacked.

Matt Blaze, a security researcher at the University of Pennsylvania, tweeted that “data breaches on the scale of Yahoo are the security equivalent of ecological disasters.”

“Data breaches on the scale of Yahoo are the security equivalent of ecological disasters.”

These types of mega-breaches don’t just stop at the site that was breached, because the hackers now have vital information that can grant them access to other sites as well.

Hackers may use the passwords obtained in the Yahoo breach on other sites, gaining access to some of these accounts, too. Even if just 0.1% of the 500 million passwords work elsewhere, that would equal another 500,000 breaches.

And, as Mr. Yanchunis notes, while many Yahoo users may not actively use their breached Yahoo accounts, that does not mean they closed those accounts prior to 2014—which means their information was still there for the taking.

“The ramifications of this breach may be extremely devastating,” Mr. Yanchunis said.

How to Protect Yourself from Data Breaches

The complaint alleges that the lead plaintiff in the case, Edward McMahon, has noted suspicious activity on his Yahoo accounts, including not being able to access his accounts. He believes the hackers changed his passwords.

Mr. McMahon “has very important sensitive information in his emails that he… believes have been accessed,” according to the complaint.

If your personal information was compromised in the Yahoo data breach, the first thing you should do is change your passwords (Yahoo and others). Make sure they are all strong and unique. Other tips for protecting your data:

  • Enable multi-step verification whenever possible
  • Don’t recycle passwords across sites
  • Use apps like LastPass to store complex, hard-to-crack passwords
  • Check Have I Been Pwned? to determine if/when you’ve been hacked

If you have suffered financial or reputational harm as a result of a data breach, contact us immediately to explore your legal options. You may qualify for a data breach lawsuit.

The 3 Greatest Threats to Uber

For Uber, 2016 has been one bumpy ride.

From January to June, the company recorded losses of $1.2 billion. (In 2015, Uber lost $2 billion.)

In July, after two years and two billion dollars lost in China, Uber bowed out of the country, selling its operations there to hated rival Didi Chuxing.

On August 18, a judge rejected the $100 million settlement Uber had reached with drivers in California and Massachusetts over their independent contractor misclassification. Two weeks later, The Wall Street Journal reported that Google would launch its own ride-sharing service via popular route-finding app Waze.

From January to June, Uber recorded losses of $1.2 billion.

Finally, in October, New York’s Department of Labor ruled that Uber drivers are employees—a ruling echoed later that month by three London judges.

Oof. Even for The Most Valuable Startup in the World, that has to hurt.

It would be hyperbole to say that Uber is in danger of failing. (A $62 billion valuation affords at least a little security.) But, unlike a year or even six months ago, one can now conceive of a world in which Uber falters.

Here are the three greatest threats to the ubiquitous ride-sharing service.

1. Lawsuits

Credit: Fusion.net
Credit: Fusion.net

Uber faced 50 federal lawsuits in 2015: more than Lyft, Instacart, Handy, and Airbnb combined. They outpaced these other gig economy companies in 2014, 2013, and 2012 as well.

They have fought more legal battles than billion-dollar startups Snapchat, Pinterest, WeWork, Dropbox, SpaceX, and Palantir (whatever that is). And the end is nowhere in sight.

In April 2016, a $100 million settlement was reached in two class action Uber lawsuits representing 385,000 drivers in California and Massachusetts.

Scores of drivers filed objections to the deal, which they considered unfair. The lead plaintiff, driver Doug O’Connor, fired his attorney. In a formal objection filed with the court, Mr. O’Connor said that the deal “is not in my interest or in the interest of any Uber driver.”

U.S. District Judge Edward Chen agreed. On August 18, 2016, he rejected the Uber settlement, saying it was not “fair, adequate, and reasonable” for drivers. (These cases will now go to arbitration.)

Judge Chen noted that the amount offered to drivers was just ten percent of what the Uber lawsuit claimed drivers were owed: $1 billion.

Dozens of Uber lawsuits are still pending in courts nationwide. In addition to monetary losses, Uber should dread the potential of a judge ruling that Uber misclassifies its employees as contractors.

By some accounts, Uber would owe its drivers $730 million in reimbursements if their drivers had employee rights.

2. Fines & Fees

In his decision, Judge Chen also emphasized that under the terms of the settlement Uber would pay just $1 million in state penalties—which could otherwise total more than $1 billion.

Two weeks later in Pennsylvania, a state regulator reinstated an $11.4 million fine against Uber for exactly these kinds of penalties. This fine arrived about six months after California’s Public Utilities Commission (CPUC) hammered Uber with a $7.6 million fine for shirking state regulations.

The Pennsylvania Public Utility Commission (PUC) says that Uber operated illegally in the state from February to August 2014, providing almost 123,000 rides without state approval. According to the PUC, Uber also obstructed the state’s investigation into its dealings.

Hold Uber Accountable

Two judges originally set the fine at $49.9 million, but the PUC reduced the total to $11.4 million—against the wishes of state officials.

Uber vowed to appeal, calling the fine “absurd.” But decisions like the PUC’s and CPUC’s often establish a precedent. What is to stop the other 48 states from issuing similar (or even higher) fines?

Moreover, as Uber knows all too well, global expansion is expensive. The startup has met resistance in Australia, Belgium, Brazil, Denmark, France, and countless other countries. Adapting to each nation’s unique laws, waging lengthy legal sieges, and fighting taxi unions costs a lot of money.

In China, Uber tried for two years to make it work. After $2 billion in losses, they threw in the towel.

3. Google/Waze

In May, Google launched an exclusive carpooling service in the Bay Area. Now, through the Waze app, Google is expanding that soft opening so that anyone in San Francisco or Oakland with Waze can request a ride.

The service costs a maximum of just 54 cents per mile, far cheaper than Uber or Lyft. Though it is currently just a carpooling service, presumably Waze will broaden its offerings to include the kinds of on-demand rides made famous by Uber and Lyft.

And like Uber, Waze may not need drivers to do so.

Google’s Self-Driving Car Project (developed by Google X) has been in the works for a decade, with the aim of releasing these cars into the wild in 2020.

It is easy to envision, then, a scenario in which Google/Waze spends the next four years building a ridesharing infrastructure and customer base across the country, and then replaces at least some of its drivers with driverless cars—which would save it a bundle.

In the meantime, Google can learn from Uber’s mistakes and either classify its (human) drivers as employees or offer them similar reimbursements, tips, and other employee rights that Uber has failed to deliver. Because Uber has already waded through so much thorny legal territory (and continues to do so), Waze’s path should be much clearer and smoother.

Uber is the most valuable startup in the world, but Google’s parent company Alphabet Inc. is The Most Valuable Company in the World, with a market value of $546.50 billion: nine times that of Uber.

Uber is a giant, but Google is a god. It has several advantages over Uber (money, branding, experience) and could very well take the startup down—or, more likely, over—in the long run.

Uber Settles Class Actions for $100 Million; Drivers Remain Contractors

Ride-hailing company Uber will pay $100 million to settle a pair of class action lawsuits in California and Massachusetts, but under the terms of the settlement drivers will remain independent contractors, not employees—a major win for Uber.

Under the settlement, Uber agrees to pay up to $100 million to 385,000 drivers in the two states, introduce a policy explaining the circumstances that will lead to drivers in these states being deactivated from the app, explain its decision to terminate drivers, give drivers more information about their individual rating and how it compares to their peers, and set up a driver’s association in both states. Drivers will also be permitted to post signs in their vehicles asking for tips. All of these concessions appease driver concerns.

“We believe the settlement we have been able to negotiate…provides significant benefits—both monetary and non-monetary—that will improve the work lives of the drivers and justifies this compromise result.”

Previously, Uber drivers could be deactivated from the app without much warning or recourse for declining a certain percentage of trips. As Tech Crunch notes, the new policy on accepting rides was likely key to the settlement, since requiring drivers to accept a certain percentage of trips could be seen as a job requirement appropriate for employees.

A new driver deactivation policy explains the circumstances in which drivers are denied access to Uber, and how (if at all) drivers can appeal a ban.

The attorney representing the Uber driver, Shannon Liss-Riordan, views the settlement as a victory for drivers. “We realize that some will be disappointed not to see this case go to trial,” Liss-Riordan said. “We believe the settlement we have been able to negotiate…provides significant benefits—both monetary and non-monetary—that will improve the work lives of the drivers and justifies this compromise result.”

Many experts, however, view Uber as coming out ahead in the settlement, because reclassifying drivers as employees would have forced Uber to pay for driver expenses and other job-based perks such as healthcare, costs that could have run into the billions of dollars and threatened the future prospects of the company’s high-margin business model.

The settlement must be approved by U.S. District Judge Edward Chen before it is binding.

While this particular deal applies only to drivers in California and Massachusetts, it should play a major role in determining the outcome of similar Uber litigation pending in other states.

Most Drivers Will Only Get $24 or Less From Settlement

$100 million sounds like a generous sum, but upon closer inspection, it turns out that the actual amount drivers receive could be as little as $10 in some cases.

To start with, the maximum value of the settlement is $100 million. Plaintiffs will receive an initial sum of $84 million, plus an additional $16 million if Uber goes public and its financial valuation increases 1.5x from its December 2015 valuation.

And according to MarketWatch, although some drivers may receive an $8,000 share of the settlement, most will get $24 or less, and some as little as $10. Payments will be calculated based on total miles driven, whether drivers signed an arbitration clause, whether they’re certified class members, and how many drivers actually file a claim. Named plaintiffs will receive an “enhancement” of up to $7,500.

Get Involved in an Uber Lawsuit

Uber class action lawsuits similar to those that just settled in California and Massachusetts are being filed nationwide. Drivers who think they aren’t being treated fairly by the tech company may be eligible to join an existing class action, or initiate one where they live.

Get answers to your questions about Uber lawsuits during a no-cost, no-obligation case review.

Free Case Review

Data Breaches Sharply On the Rise in 2016

It’s only April, but 227 data breaches have already exposed more than 6.2 million records this year, according to the Identity Theft Resource Center (ITRC). The number of breaches is 10% higher compared to this time last year, when there were 781 breaches exposing more than 169 million records.

A data breach occurs when an unauthorized person (hacker) gains access to confidential information for personal or political gain. Data breaches frequently lead to identity theft and financial losses. They have become increasingly common over the past several years, to the dismay of consumers.

Fight Back

The most notable breach this year (so far) involved fast food giant Wendy’s, which discovered malware on several locations’ systems. Many customers reported suspicious activity on the credit and debit cards they used at these locations. An Orlando man then filed a class action lawsuit against Wendy’s after his card was used by a thief for nearly $600 worth of purchases.

Krebs on Security reports that the financial losses sustained by credit unions from the Wendy’s breach will exceed that of the recent high-profile Target and Home Depot breaches. One credit union CEO hypothesized that the losses could be five to ten times higher than those incidents’.

Krebs also noted that one credit union is already halfway to its average annual total in fraud losses: another terrible omen for consumer security in 2016.

Over 100 Million Records Exposed Abroad

Data breaches are a growing crisis not just in the U.S. but abroad. Last week, a hacker exposed data on 50 million Turkish citizens, including their dates of birth, addresses, and the Turkish equivalent of social security numbers. He appears to have acted for political reasons, based on the following statements:

Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure? Do something about Erdogan! He is destroying your country beyond recognition.

The hacker also said “we” shouldn’t elect Donald Trump, who “sounds like he knows even less about running a country than Ergodan does,” suggesting the hacker is American.

This incident is one of the largest data breaches in history. The 50 million citizens account for more than half of Turkey’s entire population.

Incredibly, last week also saw a breach of the Philippines’ Commission on Elections (COMELEC), which exposed the data of 55 million voters. The “hacktivist” group Anonymous was supposedly responsible, as it warned the Filipino government to shore up its cyber-security in March.

Both the Turkish and Filipino governments downplayed the breaches, saying nothing of significance was stolen or revealed to the public.

Companies Pay Millions to Settle Data Breach Lawsuits

These data breaches can cost companies millions. When a company fails to exercise reasonable care in protecting their customers’ information, and a breach occurs, affected consumers may be able to file a class action suit against the company.

File a Lawsuit

For example, Home Depot agreed to pay $19.5 million to consumers after its data breach: $13 million to reimburse shoppers for losses and $6.5 million toward identity protection services. Theirs is just one of many multimillion-dollar settlements that have been reached after large-scale data breaches:

  • Sony (PlayStation network breach): $15 million
  • Target: $10 million
  • Sony (employee information breach): $8 million
  • Stanford University Hospital and Clinics: $4.1 million
  • AvMed Inc.: $3.1 million
  • Vendini: $3 million
  • Schnuck Markets: $2.1 million
  • LinkedIn: $1.25 million

In general, companies much prefer settling cases out of court versus going to trial. But that is especially true with data breach lawsuits, because there is almost no court precedent for these kinds of cases. Companies like Home Depot and Sony have no idea what would happen if they went to trial to fight a data breach suit, which is a scary prospect.

Neiman Marcus Ruling Bodes Well for Data Breach Suits

That fear was heightened last summer when a panel of judges ruled that the Neiman Marcus data breach lawsuit (which had previously been thrown out) could proceed. The panel determined that it was reasonably likely that the plaintiffs would suffer injuries from the theft of their personal and financial data.

It’s a significant ruling because it means that the potential for theft or financial loss is legitimate grounds for a suit, even if said theft or loss has yet to occur. In other words, the Neiman Marcus case bodes well for the plaintiffs in current and future data breach lawsuits.

The Best Firm for Data Breach Victims

Our attorneys are currently investigating exactly these kinds of lawsuits. At Morgan & Morgan, we are dedicated to helping consumers hold companies accountable for these invasive data breaches. We have a long and successful history of battling large corporations—and winning. Against Big Tobacco, we won $90 million in verdicts and settlements.

If your credit card information, social security number, or other private information was stolen as a result of a data breach, we would like to hear from you. For a free consultation, complete a free, no-obligation case review today.