Class action plaintiffs asserting claims against Sony in connection with the 2011 Sony PlayStation Network ("PSN") data breach face permanent dismissal of their claims unless they can allege actual losses resulting from the breach. In an October 11 decision, a federal court in Los Angeles granted in part Sony's motion to dismiss plaintiffs' claims, holding that plaintiffs had not pleaded the existence of sufficient injury or damages to support their claims for negligence and for violation of California's unfair competition law ("UCL") . The decision granted plaintiffs leave to file an amended complaint to attempt to plead sufficient losses to support their claims. It is unclear whether plaintiffs will be able to do so and, even if they can, the nature of the injuries and damages that would have to be alleged to survive a renewed motion to dismiss are likely to be too individualized to lend themselves to certification of a plaintiff class.As previously reported in this blog, the claims against Sony relate to a 2011 data breach that allegedly resulted in the theft of credit card and password information relating to users of PSN and Sony's Qriocity service. After the data breach occurred, Sony shut down PSN and Qriocity to address potential security issues, and notified users of the breach. Sony offered users compensation in the form of free identity theft protection services and certain free downloads and online services. The lawsuit claims that Sony knew or should have known of its system's vulnerability and, nonetheless, negligently failed to maintain proper security. Plaintiffs allege that the data breach injured them by reason of network downtime after the data breach, fraudulent credit card charges made against certain plaintiffs' credit cards, and the risk of identity theft. Notably, plaintiffs who claimed that unauthorized charges were made against their credit cards did not allege that they were personally responsible for paying those charges. Sony moved to dismiss on several grounds, focusing primarily on the absence of injury. In particular, Sony claimed that failure to allege actual out-of-pocket losses meant that there was not an injury in fact sufficient to permit standing to sue under Article III of the United States Constitution. Sony also argued that the absence of out-of-pocket damages meant that plaintiffs failed to state claims for negligence and for violation of the UCL. The court rejected the argument that...
Court Decision In Sony PlayStation Data Breach Case Places Burden On Plaintiffs To Allege Actual Damages
|Author:||Mr Kevin McGinty|
|Profession:||Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.|
To continue readingFREE SIGN UP