This issue arose in Shamara King v. General Information
Services, Inc., a "consumer class action based upon
Defendant's willful violation of the Fair Credit Reporting Act,
15 U.S.C. §§ 1681-1681x. ("FCRA")." In her
complaint, Ms. King brought suit "on behalf of thousands
of employment applicants throughout the country who have been the
subject of prejudicial, misleading and illegal background reports
performed by the Defendant and sold to employers. Defendant has
adopted and maintained a policy and practice of knowingly,
intentionally, recklessly and willfully reporting outdated adverse
information that is required to be excluded from the consumer
reports that it sells."
The defendant GIS then moved to dismiss the case, claiming that
FCRA was unconstitutional:
In sum, [the Supreme Court's decision in]
Sorrell [v. IMS Health] marks a dramatic shift in the
protection afforded to content- and speaker-based restrictions on
truthful commercial information. As the dissent in Sorrell noted,
its holding has sweeping effects on many other laws restricting
disclosure of commercial information, including FCRA. Because a
prohibition on disclosure of truthful information regarding an
individual's criminal record falls squarely within
Sorrell's holding, [the FCRA] is unconstitutional. Accordingly,
the Court should enter judgment on the pleadings in favor of GIS on
Plaintiff's [FCRA] claim.
This is certainly a creative defense, although it may be asking
more than a federal district court is willing to do. It could be
very interesting to see this argument get to an appellate
To view Foley Hoag's Security, Privacy and The Law
Blog please click
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
The National Institute of Standards and Technology has released the fourth revision of its standard-setting computer security guide, Special Publication 800-53 titled Security and Privacy Controls for Federal Information Systems and Organizations, and this marks a very important release in the world of data privacy controls and standards.
The obligations of hedge funds, investment managers and service providers to protect confidential information relating to investors and avoid breaches of data privacy legislation is increasingly in focus.
In a recently released decision from the U.S. District Court for the Southern District of Florida, Mais v. Gulf Coast Collection Bureau, et al., Judge Robert N. Scola, Jr., granted in part and denied in part cross motions for summary judgment in a putative class action before considering the issue of class certification.
The report also found that most utilities only comply with mandatory cybersecurity standards, and have not implemented voluntary NERC recommendations regarding general or specific threats (e.g., Stuxnet).