The United States Court of Appeals for the Fourth Circuit recently issued a pivotal opinion in the ongoing Marriott Data Breach MDL Litigation. The Fourth Circuit overturned a district court’s classification decision, stating that the court made a mistake in certifying damage classes against the Marriott defendants without initially addressing the potential enforceability of a “class-action waiver” which could be relevant to all members of the proposed class. (Read Full Article)
The enforceability of the “class-action waiver” is a pressing issue in this litigation, academics and practitioners alike are closely observing and grappling with the impact of these waivers on the future of class litigation. The waiver could potentially influence the scale and course of the litigation, since it applies to every member of the proposed class — this could drastically influence the pool of potential claimants and the collective amount of potential damages at stake.
This development comes as part of the Marriott Data Breach MDL Litigation, a multiparty, multiforum litigation stemming from a significant data breach involving Marriott International, Inc. in late 2018. This cyber-incident reportedly exposed the personal data of approximately 500 million Marriott customers, leading to extensive legal proceedings with wide-ranging consequences on privacy laws and regulations, as well as disclosure standards for corporations.
Legal professionals, particularly those working in corporations or specializing in data breach cases, should keep a close eye on this litigation for its potential to impact both future litigation strategy involving class-action waivers and the evolving standards in cyber security and data privacy.