The U.S. Supreme Court handed telemarketing and privacy defendants a nice gift in May. In Spokeo Inc. v. Robins, the court denied standing to an individual who had brought a federal class action against a consumer reporting agency that operates a “people search engine” for users, including employers wanting to evaluate job applicants. He charged that the company, Spokeo, had violated procedures in the Fair Credit Reporting Act (FCRA) and, in doing so, had generated inaccurate information on him.
The question was whether Robins, the class plaintiff, had met the “case or controversy” standing requirement for federal court jurisdiction set out in Article III of the U.S. Constitution by showing he had suffered a real injury, dubbed in the law as “injury-in-fact.” After losing at trial, Robins won in the U.S. Ninth Circuit Court of Appeals, which found standing because Robins’ interest in the handling of his credit information was “individualized.” Reversing, the Supreme Court held that showing an injury is “individualized,” or “particularized,” is not enough. To get into federal court – to prove injury-in-fact – a plaintiff also must show that the injury is “concrete.”
In explaining its decision, the Supreme Court said that for an injury to be “concrete and particularized” enough to confer standing, it must involve a threat to a “protected interest” that is “actual or imminent, not conjectural or hypothetical” – an injury that is de facto, one that actually exists. While the harm does not have to be tangible, it stated a plaintiff “does not automatically satisfy the injury-in-fact requirement whenever a statute grants a right and purports to authorize a suit to vindicate it. Article III standing requires a concrete injury even in the context of a statutory violation.”
Unless Congress has made clear that a violation of a procedural right granted by statute is sufficient to constitute injury-in-fact, without proof of any additional harm, a mere allegation of a “bare procedural violation” will not get a plaintiff past the courthouse steps.
So, what does Spokeo have to do with suits brought under the Telephone Consumer Protection Act (TCPA) and federal privacy laws? The TCPA and certain other federal statutes authorize private individuals to sue for damages for violations of privacy protection procedures placed in those statutes. The chief privacy protection in the TCPA is the requirement for telemarketers to have “prior express written consent” to call or text a consumer. Damages are $500 per violation and $1,500 for each “willful” or “knowing” violation. TCPA class action awards can total, and have totaled, in the millions of dollars, based on showings of only a “bare” violation of the statutory consent requirement, without proof of “injury-in-fact” that meets the Supreme Court’s standing standard of both “particularity” and“concreteness.”
Does receiving unwanted marketing calls and texts, or mishandling of personal information, constitute a particularized, concrete harm? TCPA and other federal privacy defendants don’t’ think so, and have wasted no time exploiting Spokeo to try to turn back class actions based on a failure to meet the two-part injury-in-fact test. The new Spokeo defense is being asserted in federal class actions all over the country, and already with success.
In Wisconsin, a federal judge has tossed a class action accusing Time Warner Cable of retaining subscribers’ personal identification information after they ended their service, ruling the ex-customer who brought the suit lacked standing under Spokeo. In New York, a federal judge appeared skeptical that consumers accusing an NBA video game maker of unlawfully scanning their faces had alleged enough harm to constitute actual injury. Yahoo has asked an Illinois federal court to toss a TCPA class action, arguing that one-time text messages didn’t harm anyone. Hooters is seeking dismissal of a TCPA class action in Georgia by arguing that a man who received an unsolicited text message suffered no actual harm. And an insurance company, Scottsdale Insurance, has even filed suit in California federal court contending that under Spokeo, it isn’t liable for continuing to cover a class action accusing a mobile marketing company of TCPA privacy violations. On the other side of the ledger, however, a federal judge in West Virginia is permitting a TCPA class action against Got Warranty to proceed under Spokeo, finding that the class representative suffered concrete, particularized injuries from receiving unsolicited robocalls.
Spokeo is indeed a gift from on high to companies fighting TCPA and other federal privacy class actions. While its full import is yet to be determined, it has the potential to take the wind out of the gale of TCPA lawsuits that has been howling through the federal court system since promulgation of the “prior express written consent” requirement three years ago. It should be Chapter One of the TCPA defense handbook, and legal malpractice not to cite it.