• Data Privacy Case Finds Federal Standing Where Theft of Unencrypted Employee Data from Company Laptop Was “Credible Threat”
  • February 22, 2011 | Authors: Anthony J. Diana; Megan E. Harmsen; Rebecca S. Kahan
  • Law Firm: Mayer Brown LLP - New York Office
  • In Krottner v. Starbucks Corp., the Ninth Circuit Court of Appeals found that three current or former Starbucks Corporation employees had standing to bring claims against Starbucks arising out of the theft of a laptop containing unencrypted, personally identifiable information (PII), despite the fact the plaintiffs had not suffered any financial harm. However, the court also affirmed the district court’s finding that plaintiffs did not have a cause of action for negligence or contract liability under Washington law. In reaching its conclusion that the plaintiffs had standing, the Ninth Circuit found that the possibility of identify theft was “a credible threat of harm” sufficient to meet the injury-in-fact requirements of standing.