96 Indiana Law Journal 937 (2021)
This Comment will argue that the Supreme Court should analyze standing in data breach litigation under a standard that is deferential to state statutory and common law. Specifically, federal standing analysis should look to state law when determining whether an injury is concrete such that the injury-in-fact requirement is met. Some argue that allowing more data breach cases to proceed to the merits could lead to an explosion of successful litigation and settlements, burdening the federal courts and causing economic losses for the breached businesses. These concerns may be valid. But if state law provides a remedy to the harm suffered, the federal courts should not remove their redress. Federalism instructs otherwise.
Part I explains the current data breach climate. Part II then discusses the more common causes of action that plaintiffs claim in data breach litigation. Part III then begins the standing discussion and lays out the existing state of affairs for standing in data breach litigation. Next, Part IV discusses dignitary harms and the need to respect the sovereignty of the individual states and their ability to define their own laws. That Part argues the Supreme Court should defer to state determinations of what constitutes harm under the law the state wrote. Then, Part V addresses the inconsistent results that the tightening of standing law has created and discusses the possibility of a federal omnibus privacy law. Finally, this Comment concludes by reiterating the point that plaintiffs must allege that a legally protected right has been violated. To effectively analyze this claim, the Supreme Court should defer to the entity that created that legally protected interest and determine what it sought to protect.
"What's the Harm? Federalism, the Separation of Powers, and Standing in Data Breach Litigation,"
Indiana Law Journal: Vol. 96:
3, Article 7.
Available at: https://www.repository.law.indiana.edu/ilj/vol96/iss3/7