Duane Morris Class Action Review - 2023 - Report - Page 140
recover damages for the inherent value of their personal information stolen during the
breach based upon Marriott’s own valuation of that same data. The court’s opinion also
discussed how the valuation of personal information is still fairly new territory for many
courts, and that this decision is the first case to reach class certification on the
issue. While the court actually precluded the plaintiffs’ expert on this point, it also
recognized that the plaintiffs may have the ability to introduce the value that Marriott
itself derived from its customers’ data at trial as a component of damages the class
sustained. The court also accepted the damages methodology of the plaintiffs’ experts
that Marriott and Starwood guests overpaid when making hotel reservations because of
substandard security. Finally, the court found that the plaintiffs could seek to recover
nominal damages and statutory damages in some states as well.
In Almon, et al. v. Conduent Business Services LLC, 2022 U.S. Dist. LEXIS 175734
(W.D. Tex. Sept. 28, 2022), the plaintiffs achieved mixed results on class certification
issues. The plaintiffs, a group of current and former customers of the defendants,
alleged that unauthorized users withdrew funds from their Direct Express accounts and
that Defendants failed to properly respond to the fraudulent transactions, thereby
violating the Electronic Fund Transfer Act (EFTA), 15 U.S.C. § 1693, et seq., its
implementing regulations (Regulation E), 12 C.F.R. § 1005.1, et seq., and the Terms of
Use that constitute the contract between the parties. The plaintiffs filed second
amended motion for class certification, which the court granted in part and denied in
part. Id. at *55. In regards to the breach of contract class, the court held that the
threshold question of whether fraud occurred at all is a fact-intensive inquiry that will
vary with the circumstances of each case, as the narratives of the putative class
representatives demonstrated. Id. at *44. Accordingly, the court held that the plaintiffs
failed to demonstrate that the proposed breach of contract class was sufficiently
cohesive to warrant class-wide adjudication, and thus did not satisfy the requirement of
predominance. Id. at *47. In regards to the EFTA classes, the court rejected the
defendants’ arguments as to predominance and the difficulty of ascertaining the putative
members of each EFTA class, noting that the defendants already tracked compliance
with the EFTA and Regulation E. Id. at *49. The court further held that the plaintiffs met
their burden of meeting the requirements of Rule 23(a) and 23(b)(3) with respect to the
EFTA classes, noting that the presumably low available recovery weighs in favor of a
class action. Accordingly, the court granted in part and denied in part the plaintiffs’
renewed motion for class certification. Id. at *55.
In Flores-Mendez, et al. v. Zoosk, Inc., 2022 U.S. Dist. LEXIS 133027 (N.D. Cal. July
27, 2022), the plaintiffs filed a class action alleging injuries stemming from a massive
data breach in January 2020, which purportedly occurred because the defendant failed
to adequately protect the plaintiffs’ personal information. The plaintiffs moved for class
certification, and the court denied the motion. The defendant argued that the named
plaintiff waived any right to represent the class or sub-class because she signed the
defendant’s Terms of Use, which contained a valid class action waiver. In response, the
plaintiffs argued that the defendant effectively waived enforcement of its class action
waiver by participating in litigation for nearly two years and never once raising the issue.
Id. at *2. The court held that the defendant’s contract was not procedurally
unconscionable since reasonable market alternatives existed. Id. at *4. In addition, the
139
© Duane Morris LLP 2023
Duane Morris Class Action Review – 2023
