But, in the aftermath of the hack and subsequent public release of data, some of the attention has turned to the nuances of potential litigation. For any pending litigation, a range of outcomes is possible depending on what type of court hears a case related to the hack and if the case is heard in front of a jury or adjudicated as a bench trial, according to Matthew A. S. Esworthy, an attorney with Shapiro Sher Guinot & Sandler and co-chair of the American Bar Association Section of Litigation, Cybercrime Subcommittee of the Criminal Committee.
A jury, for example, may be unsympathetic toward the alleged adulterers when handing out awards, he said. Further, it’s uncertain if the perpetrators will be identified, located, arrested and tried, and it remains to be seen what type of defense Avid Life Media, the company that owns Ashley Madison, may employ.
"Every data breach presents its own problems," he said. "Obviously, [the] Ashley Madison [case] is unique because it’s salacious." Avid is already reportedly being sued in Canada.
In the States, Abington Cole + Ellery, a “boutique law firm” out of Tulsa that specializes in patent law and “complex class action litigation” has launched an online outlet for those interested in filing a lawsuit. Further, it claims it intends to proceed with “anonymous class representatives,” and will appeal if the court refuses to grant anonymity.
“Abington Cole + Ellery is currently investigating a confirmed data breach at online dating site AshleyMadison.com. This data breach reportedly affects as many as 37 million individuals,” the online form reads. “The breached data may include the following information: names, addresses, AshleyMadison.com site usage history, personally identifiable information, and credit card information.”
But, the scope of the suit is still yet to be determined. Esworthy said he wouldn’t be surprised if many of the victims of the hack try to avoid any more public exposure and forego a legal remedy. "Would you want to further expose yourself to scorn and ridicule?" he posited. "Most people involved in this are probably hoping this passes."
Amid all of the controversy, Avid released a statement on August 31 that sought to rebuke claims that the site is losing popularity and pointing out that Ashley Madison should not be the target of media hostility, but rather the hackers should bear the criticism.
“This past week alone, hundreds of thousands of new users signed up for the Ashley Madison platform – including 87,596 women,” the statement reads. “Some journalists have turned the focus of the criminal act against Ashley Madison inside out, attacking us instead of the hackers.”
As for their day in court, should it come to that, Esworthy said attorneys defending Ashely Madison could highlight the existing precautions the site had in place to protect clients and redirect the legal onus on the hackers.
Speaking more broadly, Esworthy said damages from cyber security breaches may become increasingly complicated to remedy. "There's a major data breach what feels like every other week," he said. With the frequency and potential overlap of data breaches, victims may have trouble getting any one particular entity to cover damages, as it may prove difficult to say with certainty which company’s database a hacker learned one’s personal information.