Doing the Data Breach Lawsuit
An infidelity website, Madison Ashley and its parent company, have been sued in federal court by a man who claims that the companies failed to adequately protect clients’ personal and financial information from theft, saying he suffered emotional distress.
The lawsuit accuses Madison Ashley (MA) and parent company of negligence and invasion of privacy, as well as causing emotional distress. The lawsuit follows a breach of the Madison Ashley website by a group called the Impact Team, which downloaded “highly sensitive personal, financial, and identifying information of the website’s 37 million users.
The lawsuit follows a breach of the MA website by a group called the Impact Team which had threatened to publish the “stolen personal information” if the MA website was not shut down. This information included millions of email addresses for U.S. Government officials, UK civil servants and high-level executives at European and North American corporations.
The Plaintiff argues that the data breach could have been avoided if the company had taken “necessary and reasonable precautions to protect its users’ information”. MA knew of several technical issues that could had led to a data breach but did nothing. The defense argues that their damages must be proven and, as there is no indication of credit card fraud or illegal use of the information, there is no basis for the case. Additionally, their website contains this sentence “We cannot ensure the security or privacy of information you provide through the Internet.”
- Do individuals who subscribe to and visit this site have a reasonable expectation of privacy? Why or why not?
- Are there facts that would support a tort action and, if so, what tort(s)?
- Are there any other defendants besides MA? If so, why sue just MA?