Source: Lina Khan, Washington Monthly, June/July/August 2014
Late last year a massive data hack at Target exposed as many as 110 million consumers around the country to identity theft and fraud. As details of its lax computer security oversight came to light, customers whose passwords and credit card numbers had been stolen banded together to file dozens of class-action lawsuits against the mega-chain-store company. A judge presiding over a consolidated suit will now sort out how much damage was done and how much Target may owe the victims of its negligence. As the case proceeds, documents and testimony pertaining to how the breach occurred will become part of the public record.
All this may seem like an archetypical story of our times, combining corporate misconduct, cyber-crime, and high-stakes litigation. But for those who follow the cutting edge of corporate law, a central part of this saga is almost antiquarian: the part where Target must actually face its accusers in court and the public gets to know what went awry and whether justice gets done.
Two recent U.S. Supreme Court rulings—AT&T Mobility v. Concepcion and American Express v. Italian Colors—have deeply undercut these centuries-old public rights, by empowering businesses to avoid any threat of private lawsuits or class actions. The decisions culminate a thirty-year trend during which the judiciary, including initially some prominent liberal jurists, has moved to eliminate courts as a means for ordinary Americans to uphold their rights against companies. The result is a world where corporations can evade accountability and effectively skirt swaths of law, pushing their growing power over their consumers and employees past a tipping point.
To understand this new legal environment, consider, by contrast, what would have happened if Amazon had exposed its 215 million customer accounts to a security breach similar to Target’s. Since Amazon has taken advantage of the Court’s recent decisions, even Amazon users whose bank accounts were wiped clean as a direct result of the hack would not be able to take the company to court. …. Following the 2011 and 2013 Supreme Court rulings, dozens of other giant corporations—from Comcast and Wells Fargo to Ticketmaster and Dropbox—have secured the same legal immunity. So have companies ranging from airlines, gyms, payday lenders, and nursing homes, which have quietly rewritten the fine print of their contracts with consumers to include a shield from lawsuits and class actions. Meanwhile, businesses including Goldman Sachs, Northrop Grumman, P. F. Chang’s, and Uber have tucked similar clauses into their contracts with workers…..