This issue arose in Shamara King v. General Information
Services, Inc., a "consumer class action based upon
Defendant's willful violation of the Fair Credit Reporting Act,
15 U.S.C. §§ 1681-1681x. ("FCRA")." In her
complaint, Ms. King brought suit "on behalf of thousands
of employment applicants throughout the country who have been the
subject of prejudicial, misleading and illegal background reports
performed by the Defendant and sold to employers. Defendant has
adopted and maintained a policy and practice of knowingly,
intentionally, recklessly and willfully reporting outdated adverse
information that is required to be excluded from the consumer
reports that it sells."
The defendant GIS then moved to dismiss the case, claiming that
FCRA was unconstitutional:
In sum, [the Supreme Court's decision in]
Sorrell [v. IMS Health] marks a dramatic shift in the
protection afforded to content- and speaker-based restrictions on
truthful commercial information. As the dissent in Sorrell noted,
its holding has sweeping effects on many other laws restricting
disclosure of commercial information, including FCRA. Because a
prohibition on disclosure of truthful information regarding an
individual's criminal record falls squarely within
Sorrell's holding, [the FCRA] is unconstitutional. Accordingly,
the Court should enter judgment on the pleadings in favor of GIS on
Plaintiff's [FCRA] claim.
This is certainly a creative defense, although it may be asking
more than a federal district court is willing to do. It could be
very interesting to see this argument get to an appellate
To view Foley Hoag's Security, Privacy and The Law
Blog please click
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
In last year's BakerHostetler Incident Response Report, we reported the range of PCI DSS non-compliance fines as $5,000 – $50,000 and the per card amount of liability imposed to reimburse issuers of affected cards as $3-$25.
Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.
The Payment Card Industry Security Standards Council (PCI SSC) has released a new version of its data security standard for the protection of cardholder data, the Payment Card Industry Data Security Standard (PCI DSS).
The idea of cybersecurity may be foreign—or even frightening—to many attorneys. However, as evidenced in Part One of this series ("Cybersecurity: You Can't Afford to Ignore It Anymore," April 25) law firms appear to be the next great target for hackers. In light of that, as a risk management prevention tool, attorneys and firms need to be aware of how to protect themselves.
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).