Privacy Class Actions

Data Privacy & Cybersecurity

Our firm is a leader in Leadership in Data Accountability Class Action Lawsuits.

We have the right to  digital and online data security. This is a matter of personal and financial safety for virtually every American.

Consumer data is now the world’s most valuable resource. That same data is being mined, stolen and sold for high profits and for illegal purposes.  Companies use and sell consumers’ data without their knowledge or consent often resulting in identity theft, telemarketing robocalls, unwanted consumer profiling. 

Normand PLLC’s privacy class action team is skilled in representing consumers in data privacy and cyber-related class actions. This includes suits stemming from alleged improper use/disclosure of personal data, and identity theft that follows a data breach. We have experience in litigating class actions brought under industry-specific laws that include a data privacy or data security component. 


Like it or not, your personal financial records, health information and other   personal information is stored in the database of many companies. You trust those companies to keep your private personal information secure. When companies  fail to keep their records safe, a dangerous data breach could leak your private information and expose you to the threat of fraud and identity theft.

Normand PLLC data breach lawyers  understand how financially devastating  a security breach can be. We have successfully protected consumers with leaked data.  We  have won  both monetary compensation and have required companies to put in place protections to protect the lost data and prevent it from happening in the future.  We accept cases nationwide and internationally as well. We currently represent consumers from all 50 states and from over 130 other countries. 


What is a Data Breach?

A data breach is where sensitive, protected, or confidential health or financial information has been viewed, stolen, or used without authorization. Data breaches typically involve financial information  or protected information that can be used to commit fraud or identity theft.   It may also involve personal health information, personally identifiable information (social security numbers, drivers license numbers and home addresses and phone numbers). 

“There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again.”

Robert Mueller, Former FBI Director, March 2, 2012

More and more companies are announcing that they have failed to protect the private data that you provided to them. Due to the loss of your data you may be subject to it being available forever to thieves all over the world. To compensate for this harm you may consider filing a data breach lawsuit. When a company was negligent and it causes your private data to be disclosed you may seek compensation for that loss of privacy. We may file a lawsuit for you and in some cases for others as a Class Action Data Breach case.

Data Breach and Loss of Private Data Cases

Many times your private data is lost in a digital break-in. We have had cases, where the data is stolen or lost by company employees or agents. Whether by a data hack or internal data theft scheme the perpetrators access a secure database to steal from it private, personal financial, health or Personal information such as social security number and passwords. The breach can occur over the Internet or onsite through a security gap in a  secured network connection. Data breaches are usually aimed for identity theft. Identity theft comes in many forms including opening credit cards, generating ID’s in your name and even obtaining loans to buy cars or homes in your name. Data breaches always cost you significant time to fix your credit and this damage can last for years  Experts predict that the cost for Data  breaches will exceed over $2 trillion by 2019.

Did you know that you may be even sued for loans you know nothing about that result from the loss of your private data in a Data Breach case? 

Harm to Consumers from a Data Breach?

The biggest and most obvious danger to you when your personal data is stolen is that your  personal, financial or health information, is disclosed and sold to thieves all over the world. Just correcting the credit and other problems from data breaches can cause headache and require professional help to fix. Costs include monitoring fees for your credit with numerous credit rating agencies to fix your credit score. Often you have to hire experts to help pay to receive a credit check to combat fraudulent charges. You may also lose credit making you ineligible for loans, and you may have your own credit cards cancelled for debts and loans you know nothing about.

Can I recover money damages when my data is stolen or lost by a company?

Yes. If  your data is compromised in many cases you are entitled to compensation for personal private data that has been lost to crooks. And the company who lost your data when they promised you that they would protect it is often liable for your financial losses and for the expenses needed to protect you from credit crooks in the future. Remember you cannot get your data back, all you can do is protect yourself and be diligent. The company that lost the data was not diligent to protect your data so they must reimburse you for expenses in the future resulting from their careless treatment of your data.

Most companies are required by law to notify you if your private data has been lost or stolen. IF you get such a notice contact us for information about your rights.

Examples of Privacy cases we have won or are pending include: 

Data and Identity Theft CASES

Landmark settlement of data breach class action providing compensation to class members whose data was stolen even where no direct loss or identity theft was shown from the breach. See, e.g., Resnick v. Avmed, No. 10-cv-24513 (S.D. Fla.)  AvMed, Inc. is a corporation that delivers health care services. Two laptop computers that contained AvMed customers’ sensitive information were stolen and the data was believed to have been disseminated online. The District Court dismissed the complaint for failure to state a claim upon which relief may be granted because there was no proof of cognizable injury. Plaintiffs appealed, resulting in a landmark appellate decision endorsing common law unjust enrichment theory, irrespective of whether identity theft occurred, and securing first class action settlement in the country to provide data breach victims with monetary payments without proof of identity theft.  Essentially the case provides that there is a cause of action for breach of contract to protect the privacy of consumer data held by corporations.  Resnick v. AvMed, Inc. – 693 F.3d 1317 (11th Cir. 2012).  After appeal our firm secured a $3 million data breach class action settlement that, for the first time, allows plaintiffs who did not suffer identity theft to claim funds. The settlement also required that Avmed implement security awareness and training programs for all company

Employees, and to add security mechanisms to company laptops, adopt full disk encryption technology on all company computers and install physical security upgrades at company facilities. 

Telephone Consumer Protection Act

$19 million settlement approved in a class action alleging unlawful text message blast from the companies behind the promotional campaign for the Universal Pictures movie “Warcraft.” Under terms of the settlement with defendants Universal Pictures, Legendary Pictures Funding LLC, Handstack PBC, Legend Pictures LLC and Legendary Analytics LLC, four classes were certified:a class of people who received text messages as part of the “Warcraft” text messaging campaign from an automated telephone dialing system; an internal do-not-call class of people who received more than one text to a residential line after submitting a request not to receive additional texts; a national do-not-call class of people who received more than one text to a residential line in a year and more than 30 days after putting their number on the National Do-Not-Call Registry; and an out-of-time class of people who received more than one text to a residential line before 8 a.m. or after 9 p.m.. Class members were compensated for each such violation resulting in multiple awards to individual class members.

Give us a call for a free consultation.