Last week, the Supreme Court remanded a privacy class action settlement to the Ninth Circuit over concerns about the named plaintiffs’ standing. Specifically, the Court ordered the Ninth Circuit to conduct a Spokeo analysis to determine whether any of the three named plaintiff’s suffered a concrete injury as a result of Google’s alleged violation of the Stored Communications Act. As a brief reminder, the Court held in Spokeo v. Robbins in 2015 that a technical or procedural violation of a statute is insufficient to meet the “concrete injury” requirement of Article III standing absent actual harm to the plaintiff. Even in cases where Congress has created a private right of action for plaintiffs to pursue violations of a statute, the Court held that does not mean the plaintiff has automatically suffered actual harm or an actual injury due to a statutory violation. In the case at bar, the Court said it could not rule on the validity of the class action settlement before these standing issues presented by Spokeo were addressed by the Ninth Circuit, which issues it also declined to decide.
In another branch of government, freshman Representative Katie Porter highlighted the Spokeo standard without naming it last month in a hearing of the Financial Services Committee, and also seemed to call its conclusion into question. During a round of questioning of a CEO facing a data breach class action lawsuit, Rep. Porter asked him why the company’s lawyers were arguing in court filings that the data breach did not cause harm to consumers, when the CEO himself was clearly uncomfortable with the idea of sharing his own personal information with the Committee.