932 F. Supp. 2d 1089
N.D. Cal.2013Background
- LinkedIn operates LinkedIn.com and provides a professional networking platform with registration and user profiles.
- Users register by providing an email and password and must accept LinkedIn’s User Agreement and Privacy Policy.
- Privacy Policy promises industry-standard protections and discloses security measures, including password protection and SSL, but admits the internet is not 100% secure and that users must protect login information.
- Premium memberships exist, offering enhanced tools; premium terms are the same as nonpaying memberships in the User Agreement and Privacy Policy.
- In 2012, hackers breached LinkedIn, posting ~6.5 million user passwords online and reportedly exposing email addresses, prompting LinkedIn to adjust its password encryption method from hashed to salted+hashed.
- The FAC seeks relief for a Premium Account Class and a Data Breach Subclass, asserting nine causes of action related to security and contract; the court addresses Article III standing and ultimately dismisses the FAC for lack of standing, with leave to amend.
Issues
| Issue | Plaintiff's Argument | Defendant's Argument | Held |
|---|---|---|---|
| Whether plaintiffs have Article III standing to sue. | Plaintiffs contend economic harm from not receiving promised security. | LinkedIn argues no standing because premium security promises were not unique to premium accounts and plaintiffs failed to plead cognizable injury. | Standing lacking; defects in economic-harm theory and contract breach framing. |
| Whether economic-harm/benefit-of-the-bargain theory supports standing. | Plaintiffs rely on not receiving full value of premium security. | Promises about security were the same for premium and basic members; no separate consideration for heightened security. | Insufficient standing under benefit-of-the-bargain theory. |
| Whether Wright’s increased-risk-of-future-harm theory supports standing. | Post-breach increased risk constitutes injury in fact. | Allegations do not plead a legally cognizable injury. | Not pled in FAC; no standing on this theory. |
Key Cases Cited
- Friends of the Earth, Inc. v. Laidlaw Envtl. Servs. (TOC), Inc., 528 U.S. 167 (2000) (standing requires injury, causation, and redressability)
- Lujan v. Defenders of Wildlife, 504 U.S. 555 (1992) (core elements of standing: injury, causation, redressability)
- Steel Co. v. Citizens for a Better Env’t, 523 U.S. 83 (1998) (standing and jurisdiction principles; jurisdiction is preeminent)
- Thornhill Publ’g Co. v. Gen. Tel. & Elecs. Corp., 594 F.2d 730 (9th Cir.1979) (standing attack may be raised on Rule 12(b)(1) grounds)
- Lierboe v. State Farm Mut. Auto. Ins. Co., 350 F.3d 1018 (9th Cir.2003) (requirement that a named plaintiff show injury in fact for class standing)
- Kwikset Corp. v. Superior Court, 51 Cal.4th 310 (Cal. 2011) (California standing and misrepresentation principles; reading of policies relevant to injury)
- Reichert v. General Ins. Co., 68 Cal.2d 822 (Cal. 1968) (elements of breach and damages; standing considerations)
- Hamilton v. Greenwich Investors XXVI, LLC, 195 Cal.App.4th 1602 (Cal. Ct. App. 2011) (contract and damages analysis informing standing context)