Ruiz v. Gap, Inc.

Was March National Privacy Month and no one told me? (October is National Cyber Security Awareness Month, so don't try to hack anything.) In addition to a March 31, 2008 decision by the D.C. Circuit holding that “actual damages” under the Privacy Act need not necessarily include pecuniary harm (blogged here by Lauren Gelman), the Northern District of California affirmed the standing of a class action plaintiff to sue for negligence over a stolen laptop containing personally identifiable information, based on the mere risk of identify theft. These are both important cases in that they may signal a trend toward greater recognition of the emotional and dignitary interests implicated by the exposure of personal data.

Add new comment