In recent years, there has been an explosion of consumer class actions arising from data breaches. Notwithstanding the proliferation of data breach litigation, consumers continue to face significant obstacles in maintaining their claims in court. Perhaps the most critical stumbling block is meeting the standing requirement of Article III of the U.S. Constitution.
Standing in Data Breach Cases
To demonstrate Article III standing, plaintiffs must show (1) an injury in fact, (2) causation, and (3) redressability. Establishing an injury in fact requires an invasion of a legally protected interest that is actual or imminent, and not conjectural or hypothetical. Plaintiffs also must be able to show a causal connection between the injury and the alleged wrongful conduct. That is, the harm must be fairly traceable to the defendant's acts. Finally, plaintiffs must demonstrate that it is likely—not merely speculative—that a favorable decision from the court will make them whole.