Online data aggregator and broker Spokeo has come in for criticism by privacy advocates who argue that the company makes available financial data about Web users without also providing the protections
of federal law governing credit bureaus -- like allowing people to correct inaccuracies.
The company also was hit with two potential class-action lawsuits by Web users who allege that it's
violating the federal Fair Credit Reporting Act.
But despite drawing the wrath of consumer advocates, the company appears to be gaining the upper hand in court. In a decision quietly entered
last month, U.S. District Court Judge Otis Wright II in the Central District of California dismissed one of those lawsuits. Wright ruled that the plaintiff, Thomas Robins of Vienna, Va., couldn't
proceed because he didn't allege he had been injured by Spokeo.
Robins alleged in court papers that much of Spokeo's data was inaccurate, noting that the site incorrectly said he was in his
50s, married with children, and employed in a professional or technical field. Robins said that he was seeking a job at the time he filed suit and that he feared the errors in the report "will affect
his ability to obtain credit, employment, insurance, and the like."
Robins argued that the site effectively function like a credit bureau and should be subject to the same laws. But Wright
ruled Robins wasn't entitled to bring that claim, ruling that a fear of future harm wasn't enough to get into court. Cyberlaw expert Venkat Balasubramani predicts that Robins will amend his complaint and try again.
Whether Robins can allege facts that the judge
presiding over his lawsuit will deem sufficient remains to be seen. But the question posed by his case will almost certainly reappear in other litigation -- especially given the wave of recent privacy
lawsuits. Traditionally, people aren't allowed to sue in federal court absent some sort of injury. But in privacy situations, the harm often is intangible -- though nonetheless meaningful to the
litigants.
Of course, even if the courts don't want to get involved in these privacy disputes, the Federal Trade Commission might take on companies that allegedly violate users' privacy. For
many years the FTC looked at privacy issues by assessing whether consumers suffered tangible harm, but agency officials are now saying that privacy violations can result in harm that's intangible and
non-economic, but nonetheless problematic.
In fact, the FTC is currently considering a complaint against Spokeo brought by by the advocacy group Center for Democracy & Technology. That complaint, much like Robins'
lawsuit, argues that Spokeo allegedly violates federal law by offering information about users' financial status and credit ratings without giving consumers the protections required by the federal
Fair Credit Reporting Act.