LinkedIn Wins Round One In Data Breach Suit

[Jeffrey Walton <noloader () gmail com>]

Man consumers need improved data security laws..... Consumers have to
worry about the bad guys and corporations. Corporations don't have to
worry about either since there's almost no risk in mishandling
sensitive information and other data.

https://www.idradar.com/news-stories/social-media/LinkedIn-Wins-Round-One-In-Data-Breach-Suit

It was a big breach. Really big. Over 6.5 million users had their
passwords posted online for all to see. A pair of customers who paid
for LinkedIn’s premium service sued the social networking giant
claiming that last year’s data breach could have been prevented if
LinkedIn had followed the industry standard--encrypted passwords. The
suit was brought as a class action but Tuesday, US District Court
Judge Edward J. Davila issued a ruling granting the company’s motion
to dismiss.

At the heart of Davila’s ruling was the belief that the pair of
plaintiffs-- Katie Szpyrka and Khalilah Wright—could not support the
claim that the company’s paid service included a higher standard of
privacy protection than its free option because the two individuals
had never read LinkedIn’s privacy policy. That policy reads in part,
“All information that you provide will be protected with industry
standard protocols and technology”.

Also at issue was the difficulty of proving damages. Since the
company’s security policy is the same for all levels of accounts,
Szpyrka and Wright could not claim that their paid fees amounted to
damages. Davila found that those fees paid for additional tools and
functionality, not for increased privacy protection.

This may not be the end of the matter however. The case was dismissed
with leave to amend; the suit could be refiled in another form.

...
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.