Supreme Court Hands Interim Victory To Spokeo Search Site - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Supreme Court Hands Interim Victory To Spokeo Search Site

The US Supreme Court has sided with Spokeo in a false-data case, saying that the plaintiff failed to show that he suffered a "concrete" injury. The case highlights several warnings for businesses that aggregate data for sale to the public.

10 Big Data Books To Boost Your Career
10 Big Data Books To Boost Your Career
(Click image for larger view and slideshow.)

The US Supreme Court Monday handed an interim victory to online people-search company Spokeo in a closely watched case that claimed incorrect information posted on the search site caused harm to the plaintiff.

In a 6-to-2 decision, the high court said that there was no evidence of actual harm as a result of the inaccurate information, according to its opinion posted on the SCOTUS site.

In the case, plaintiff Thomas Robins claimed a profile posted to Spokeo's website inaccurately characterized him as a man in his 50s, who was married with children, has a graduate degree, and is employed in the technical field, according to a copy of the lawsuit obtained by InformationWeek. The lawsuit was filed in the US Central District Court of California in 2010 and cited the Fair Credit Reporting Act as the basis to file the suit.

In the lawsuit, Robins states he was concerned the inaccuracies in the Spokeo report would "affect his ability to obtain credit, employment, insurance and the like." He noted he was currently unemployed and particularly concerned that the inaccuracies in the Spokeo report would affect his ability to land a job.

(Image: skeeze via Pixabay)

(Image: skeeze via Pixabay)

In its ruling, the Supreme Court noted that the plaintiff not only needed to prove that the inaccurate information affected him in a "personal and individual way," otherwise known as "particularized," but also that the injury actually existed, or was "concrete," the justices stated in their opinion. "We have made it clear time and time again that an injury in fact must be both concrete and particularized," the justices stated in their opinion, pointing to various cases that have come before this one and noting that this particular case only focused on the particularized aspect.

The justices further noted:

Not all inaccuracies cause harm or present any material risk of harm. An example that comes readily to mind is an incorrect zip code. It is difficult to imagine how the dissemination of an incorrect zip code, without more, could work any concrete harm.

The Supreme Court, while adding further definition of what is needed to bring an inaccurate data case to the courts, pushed the Spokeo case back down to the lower courts to reconsider it, noting the lower courts had used an incorrect legal analysis when it allowed the case to move forward to the Supreme Court. In issuing its order, the Supreme Court noted the federal appeals court failed to consider whether Robins suffered concrete injury and only looked at his particularized injury.

"The Spokeo case highlights a number of very important red flags for businesses that aggregate data for sale to the public," Gary D. Nissenbaum, managing principal of the Nissenbaum Law Group, told InformationWeek.

First, the definition of "consumer reporting agency" under the Fair Credit Reporting Act is fairly expansive. It includes persons who assemble or evaluate consumer credit information or other information relating to consumers for the purpose of furnishing consumer reports to third parties through interstate commerce. That means that there are many data aggregators that one would not think of as credit reporting agencies, but in fact are covered by the statute, he said.

[Read FBI Hacking Authority Expanded By Supreme Court.]

Second, added Nissenbaum, the person who is asserting that they were injured by the dissemination of false data does not have to prove that they were actually injured in a particular dollar amount. On the other hand, they do have to show that the injury was more than just the failure to follow the procedures of the Fair Credit Reporting Act.

And lastly, the Supreme Court resisted the opportunity to undermine the ability to file a class-action lawsuit for violations of statutes such as the Fair Credit Reporting Act, said Nissenbaum. Instead, it only imposed a requirement that the damages be better defined by the lower court in a way that was consistent with the statute's requirements.

"The takeaway for Internet businesses that aggregate data is that they must be aware of the legal requirements that impose obligations to protect the integrity of the information, and they must comply with the procedures set in place to prevent consumers from being misled," Nissenbaum said. "Data aggregation and dissemination is a legally complex area of Internet commerce, and pitfalls can arise from both federal law [as in this case] and state or other legal and regulatory schemes."

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

How SolarWinds Changed Cybersecurity Leadership's Priorities
Jessica Davis, Senior Editor, Enterprise Apps,  5/26/2021
How CIOs Can Advance Company Sustainability Goals
Lisa Morgan, Freelance Writer,  5/26/2021
IT Skills: Top 10 Programming Languages for 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/21/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll