We previously wrote about the proposed class-action lawsuit against Canon USA Inc. that resulted from a data breach of former and current employees’ personal information. This week, Canon argued in New York federal court that the plaintiffs lacked standing and that the case should be dismissed. Canon stated in its memorandum of law that lost or diminished value of personal information resulting from a ransomware attack is NOT a cognizable injury that confers Article III standing. Further, Canon argued in its memorandum that the plaintiffs’ allegations merely suggested a future risk of harm; again, not enough to meet the Article III requirements for standing.

In addition to Canon’s argument that the plaintiffs lacked standing, Canon also argued that the plaintiffs failed to state claims upon which relief can be granted. In the complaint, the plaintiffs alleged that Canon acted negligently. However, Canon argues that the complaint did not offer any facts to support that claim.

Further, Canon argued that the invasion of privacy claim also fails since the “intrusion upon seclusion” theory requires intent, evidence of which plaintiffs also failed to provide.

We will watch the plaintiffs’ response and the court’s decision on this issue.