Ashley Madison and Invasion of Privacy

August 27, 2015

Does the fallout from the Ashley Madison hacking and public disclosures include civil liability implications? Most states recognize the tort of invasion of privacy. This law had its origin in an 1890 Harvard Law Review article that advocated a judicial recognition of the “right to be left alone” with respect to potential civil claims. Alabama recognized this law in a 1948 case, Smith v. Doss.

There are four distinct types of invasion of privacy cases: (1) wrongful intrusion, physically or otherwise, on the solitude or seclusion of another or his or her private affairs or concerns; (2) publicity which violates the ordinary decencies; (3) putting the person in a false, though not necessarily defamatory, light or position in the public eye; and (4) the appropriation of some element of the person’s personality for a commercial use.

Although laws appear to have been broken in the hacking of the company’s website, it would seem that people who voluntarily participated in the company’s database and services would face a formidable argument that, even though the company claimed that confidentiality would be maintained, this willing participation amounted to voluntary exposure to this type of risk. This factor might create serious obstacles to success in a privacy lawsuit against the company.

Of course, innocent people whose names and personal information have been falsely publicized in connection would have an entirely different status as to their potential claims. Depending upon the degree of carelessness or wrongdoing on the part of the company, and certainly the hackers, if they are ultimately identified, their circumstances may well lend themselves to one or more types of privacy claims.

By Michael L. Roberts