SAN FRANCISCO -- The U.S. Ninth Circuit Court has heard arguments over shoe retailer Zappos.com 2012 data breach complaint to consider if the consumer case against the Amazon company should be revived.
Attorney Douglas Gregory Blankinship argued that a Nevada federal court erroneously ruled a dismissal over the 2012 breach of consumers Personal Identification Information (PII), which allegedly affected up to 24 million consumers who used the online shoe retailer.
“They [consumers] have to provide that [PII] to Zappos to complete the transaction and Zappos promises that will be protected” Blankinship, a partner with Finkelstein Blankinship Frei-Pearson & Garber LLP, said to Judges John Owens, Elaine Bucklo and Michelle Friedland in December 2017 argument.
“We have an online service that explicitly promises to things, shoes and that your personal identification Information will be protected,” Blankinship said, adding this poses the question can an online retailer promise online security and not fulfill the vow. “That can’t be the case,” he said
Blankinship said there is definitely an Article 3 injury for the consumers who have come forth.
“Had Zappos not made these explicit representations, then there might not be a consumer protection claim, there would be just a negligent misrepresentation claim,” Blankinship said.
Owens wanted to know if in the recent Eight Circuit case, Alleruzzo v. SuperValu, when the plaintiff alleged possible future injury due to identity theft, was not in direct conflict with the Zappos case.
“Explain to me one, why we should go your way in light of that case and second is there a way can we distinguish that case were we are not directly in conflict with it if we are going to go your way,” Owens asked.
Blankinship said the SuperValu case was an “over-the-counter” case, which distinguishes the difference with Zappos, an online retailer.
“Most people that go to the grocery store do not check the website to see if there is going to be security or not,” Blankinship said citing Kuhns v Scottrade, another Eighth Circuit data breach case. “The Eighth Circuit held if there is an explicit promise that there will be data security that becomes the basis of the benefit of the bargain.”
Before going forward, Judge Michelle Friedland wanted to know if the court was reviewing the third amended complaint, which has become now the operative one.
"Your asking us to assume an allegation of the complaint is not true,” Friedland asked. “I thought that they talked about whole credit card numbers in complaint one,” Friedland asked.
Blankinship returned to the podium, saying he does not think his plaintiff's case stands on whether it was the tail or the entire credit card that was stolen. However, Friedland wanted to know the risk of just having the last four numbers exposed and in jeopardy of being stolen.
“Your honor, that risk comes from the fact that their names, emails and passwords were stolen,” Blankinship said.
Owens adjourned the argument hearing and said the argument was officially submitted.