The court disagreed that the Sixth, Seventh, and Ninth Circuit cases control because they involved allegations where (1) a data thief targeted the personal information that was compromised, or (2) a data thief misused or accessed the compromised personal information. Turning first to the plaintiffs’ argument that the risk of future identity theft established an injury in fact, the court recognized the circuit split between its sister courts, explaining that the Sixth, Seventh, and Ninth Circuits recognize that plaintiffs can establish such an injury in fact at the pleading stage, but that the First and Third Circuits have rejected mere allegations of future identity theft. 1540 (2016) because the plaintiffs did not allege that Dorn VAMC’s violations of the Privacy Act alone constitute an Article III injury in fact. The court rejected the applicability of Spokeo, Inc. Notably, the court found the standard in Clapper to be controlling: that a threatened injury must be certainly impending. On appeal, the Fourth Circuit’s primary inquiry was whether the plaintiffs’ established an injury in fact. The district court also found that the Watson plaintiff’s claims for injunctive relief under the APA failed because Dorn VAMC’s alleged history of failing to protect personal information, alone, did not establish that the plaintiff remained in danger of sustaining injury. The defendants also moved to dismiss the Watson plaintiff’s claims, which the district court granted, holding that pursuant to Clapper, the plaintiff lacked Article III standing under the Privacy Act because there were no allegations of actual or attempted misuse of her personal information.
1138, 1155 (2013), the Beck plaintiffs lacked Article III standing (1) under the Privacy Act because there was not enough evidence of a “certainly impending” risk or “substantial” risk of future harm of identity theft and (2) to seek injunctive relief under the APA because it was speculative that the plaintiffs’ personal information will be compromised again resulting in injury. After discovery, the defendants renewed their motion to dismiss and alternatively moved for summary judgment, which the district court granted in its entirety, holding that pursuant to Clapper v. The defendants moved to dismiss the Beck plaintiffs’ claims for lack of subject-matter jurisdiction but the motion was denied. § 701 et seq, against the VA and Dorn VAMC. § 552a et seq., for violations of the Act that caused “the threat of current and future substantial harm from identity theft and other misuse of their Personal Information,” and seeking injunctive relief under the Administrative Procedure Act (“APA”), 5 U.S.C. The plaintiffs filed two separate lawsuits against Dorn VAMC seeking declaratory relief and money damages under the Privacy Act of 1974, 5 U.S.C. The plaintiffs in the consolidated appeals are veterans whose claims arose when (1) a laptop that contained unencrypted and sensitive personally identifying information of 7,400 patients was misplaced or stolen from a department at Dorn VAMC (“ Beck plaintiffs”) and (2) four boxes of pathology reports containing the same type of identifying information of over 2,000 patients had been misplaced or stolen (“ Watson plaintiff”) (collectively, the “plaintiffs”). The Fourth Circuit held that the plaintiffs “failed to establish a non-speculative, imminent injury-in-fact for purposes of Article III standing.” Id. 2017), affirmed the district court’s order dismissing the plaintiff veterans’ putative class-action claims against the Secretary of Veterans Affairs and Dorn Veterans Affairs Medical Center (“Dorn VAMC”) officials for lack of subject-matter jurisdiction. Court of Appeals for the Fourth Circuit, in the consolidated appeal Beck v.
with Rachel Forman, an Associate with the firm. Frank Cruz-Alvarez, a Partner in the Miami, FL office of Shook, Hardy & Bacon L.L.P.
0 kommentar(er)
