By: Meghan Murphy,
“Life is short. Have an affair”: the estimated 37 million users exposed in the recent Ashley Madison hack know this slogan intimately.[1] On July 15, 2015, a group calling themselves “Impact Team” hacked extramarital affair site Ashley Madison, and exposed customer information of millions of users, not to mention the emails of Noel Biderman, CEO of Ashley Madison parent company Avid Life Media Inc.[2] The released data shows a wide breadth of users, including some using government email addresses.[3] While some have light-heartedly enjoyed the schadenfreude of (potential) extramarital cheaters being exposed for their sins, the hack has also had devastating consequences: as of August 24, Toronto police are investigating two suicides believed to be linked to the hack.[4]
Two of the largest complaints from hacked users point to Ashley Madison’s mediocre data security system and the company’s failure to fulfill promises of permanently deleting customer data. Impact Team has claimed that the “Full Delete” service offered by Ashley Madison for a $19 fee to permanently wipe a customer’s account from the database was a fallacy, with the company retaining all of that customer’s information—including credit card numbers and home addresses.[5] If this is true, and Ashley Madison negligently (or willfully) retained customer information after promising to permanently destroy the data, the company could be in even deeper waters. Coupled with the “Full Delete” fallacy, Ashley Madison’s negligence in protecting such sensitive customer data points to a high probability of either damages or a huge settlement paid to the exposed users.[6]
Large-scale class action lawsuits have already been filed in California, Missouri and Texas, with the largest filed in Canada by Eliot Shore, seeking $578 million in damages.[7] While Shore has conveniently taken the fall for his fellow Ashley Madison users, all of the class-action complaints filed against the company in the United States list John or Jane Doe as the plaintiff.[8] Due to the sensitive nature of the lawsuits, it may be difficult to find an individual class representative willing to expose themselves like Shore, as there is no guarantee that a federal court will permit the plaintiffs to remain anonymous.[9] If forced to reveal themselves, plaintiffs run the risk of further damage to their reputation and immense embarrassment. Anonymous or not, plaintiffs will regardless face possible jury bias, as most already see the exposed users in a distasteful way.[10]
Exposed data is always a touchy subject, but even more so in this case due to the scandalous nature of the hacked website. Most likely, the Ashley Madison suits will lead to a settlement like those currently underway regarding the recent Sony hacks. Whether judge and jury will look more harshly on the plaintiffs bringing suit against Ashley Madison remains to be seen—and whether the courts will allow anonymous plaintiffs in such a suit could change the course of litigation and settlement. It’s easy to be comfortably anonymous online, and not so easy in a courtroom under national scrutiny—a cautionary tale for all in an increasingly digital age.
For more information on the consequences of cyber-cheating, please see Micala MacRae’s post “Virtual Adultery: The World of Cyber-Cheating” here on the JOLT Blog (http://jolt.richmond.edu/index.php/blog-virtual-adultery-the-world-of-cyber-cheating/).
[1]Simon Thomsen, “Extramarital affair website Ashley Madison has been hacked and attackrs are threatening to leak data online,” Business Insider (July 20, 2015), http://www.businessinsider.com/cheating-affair-website-ashley-madison-hacked-user-data-leaked-2015-7.
[2] Id.
[3]Dave Boyer, “Thousands of Ashley Madison clients used government email addresses,” Washington Times (Aug. 19, 2015), http://www.washingtontimes.com/news/2015/aug/19/government-email-addresses-linked-ashley-madison-c/.
[4] Chris Baraniuk, “Ashley Madison: ‘Suicides’ over website hack,” BBC (Aug. 24, 2015), http://www.bbc.com/news/technology-34044506.
[5] Thomsen, supra note 1.
[6] Paul Callan, “Ashley Madison: Costly end of the affair,” CNN (Aug. 25, 2015), http://www.cnn.com/2015/08/24/opinions/callan-ashley-madison-hack/.
[7] Kim Zetter, “Ashley Madison hit with $500 million in lawsuits,” Wired.com (Aug. 25, 2015), http://www.wired.com/2015/08/ashley-madison-hit-500-million-lawsuits/.
[8] Austin Siegemund-Broka, “A Tale of Two Hacks: How Ashley Madison’s Legal Woes Differ From Sony’s,” The Hollywood Rep. (Sep. 4, 2015), http://www.hollywoodreporter.com/thr-esq/a-tale-two-hacks-how-819827?utm_source=twitter.
[9] Id.
[10] Callan, supra note 6.
Photo Source: http://clapway.com/2015/07/20/37-million-cheaters-at-risk-of-being-exposed-after-ashley-madison-hack-222/