Supreme Court Rejects Zappos’ Appeal in Data Breach Lawsuit

A lawsuit against Amazon.com-owned Zappos will continue after the U.S. Supreme Court rejected an appeal from the online shoe retailer in a seven-year-old data breach case. In the wake of a 2012 data breach that exposed the names, addresses, phone numbers and more of 24 million customers, Zappos faced several lawsuits from customers. Zappos argued unsuccessfully to the Supreme Court that customers shouldn’t be able to sue without proof they were harmed in a breach. The Supreme Court agreed with a San Francisco appeals court that had previously revived the lawsuit. Both courts sided with Zappos’ customers over the company, letting the lawsuit, which is seeking class-action status, continue. The appeals court found that the stolen data left customers vulnerable to identity theft, Bloomberg reported.

Total Retail's Take: This case has far-reaching implications for retailers and companies across industries as data security becomes even more critical to their operations. As retailers and brands collect more data about their customers — necessary to serve up the personalized shopping experiences today's consumers have come to expect — they become more attractive targets to cyber criminals. With this ruling by the Supreme Court in the Zappos case, consumers gain a victory and retailers gain more risk exposure. This ruling could open the door for a flood of class-action lawsuits against retailers that have suffered data breaches, as consumers no longer have to prove financial loss as a result of the breach. It pays more than ever for retailers to invest in data security, ensuring policies are in place to protect the customer data they currently have and that which they acquire going forward.