On February 2, 2021, the Eleventh Circuit reversed the district court’s denial of class certification for failure to prove an administratively feasible method to identify absent class members. The Eleventh Circuit’s rejection of administrative feasibility as a prerequisite to certification under Federal Rule of Civil Procedure 23 has deepened a circuit split on the issue.

On February 4, 2021, the Eleventh Circuit affirmed the dismissal of a customer’s proposed class action lawsuit against a Florida-based fast-food chain, PDQ, over a data breach. The three-judge panel rejected the argument that an increased risk of identity theft was a concrete injury sufficient to confer Article III standing, deepening a circuit split on this issue.

On March 30, the Supreme Court will hear arguments on whether a damages class action, is permitted by Article III of the Constitution or Rule 23 of the Federal Rules of Civil Procedure where the majority of the class has suffered no actual injury. Notably, this is the first time the Supreme Court will apply the rulings of Spokeo, which held that a plaintiff “cannot satisfy the demands of Article III by alleging a bare procedural violation,” to an entire class. The Supreme Court’s forthcoming decision will have significant implications on defenses to class actions, and could possibly expand liability for companies most often entangled in class actions with plaintiffs that have tenuous claims based only on statutorily created rights of action.

On November 25, 2020, a shareholder of First American Financial Corporation (“First American”) filed suit against the company and its officers and directors over a massive data security breach that exposed hundreds of millions of sensitive customer records. The shareholder derivative action, filed by Norman Hollett in Delaware federal court, alleges breaches of fiduciary duties, unjust enrichment, abuse of control, gross mismanagement, waste of corporate assets, and multiple violations of the Securities Exchange Act of 1934, all relating to the failure to contain and timely disclose the breach.

A federal court recently issued a decision approving a class action settlement resolving litigation stemming from five Yahoo! data breaches that occurred from 2012 to 2016 and affected at least 194 million Yahoo! customers. The company agreed to establish a $117.5 million settlement fund and institute numerous business practice changes designed to prevent future data breaches. Of particular interest in the approval order, however, was the Court’s comparison of the instant settlement to a prior in-district data breach settlement. A review of the approval order provides insight into the factors judges analyze to ensure settlements are reasonable, proper, and in the best interests of the class.

Private plaintiffs and state enforcers have been targeting businesses up and down the supply chain for price gouging violations. Some of these actions have been over the price of goods long associated with the COVID-19 pandemic, such as toilet paper and medical supplies. Yet others, such as a dispute in which a California winery has accused the company managing its storage facility of illegally increasing its rates, show the wide range of businesses potentially affected by price gouging laws. And with many state price gouging laws likely to remain in effect until at least early 2021, these lawsuits provide insight into the scope of expected price gouging claims going forward. A recent string of lawsuits brought against egg producers provides a particularly good vehicle for doing so.

The Sixth Circuit has joined the Second and Ninth Circuits in their broad interpretation of the Telephone Consumer Protection Act’s (TCPA) autodialer provision. In doing so, it has tipped the scale in a circuit split that is ripe for review by the U.S. Supreme Court.