Ashley Madison owners face $578 million class-action lawsuit

Two Canadian law firms filed a suit Thursday against the companies that own the website Ashley Madison, which was the target of a massive data breach that released information on millions of users.

Lee Jin-man/AP Photo/File
This photo taken June 10, 2015 shows Ashley Madison's Korean web site on a computer screen in Seoul, South Korea. US government employees with sensitive jobs in national security or law enforcement were among hundreds of federal workers found to be using government networks to access and pay membership fees to the extramarital-affairs website Ashley Madison.

The companies behind extramarital-affairs website Ashley Madison are facing a new lawsuit in response to a hack that released information of about 39 million users.

Charney Lawyers and Sutts, Strosberg LLP – two Canadian law firms – filed a $578 million class-action suit Thursday against Toronto-based Avid Dating Life and Avid Life Media on behalf of Canadians whose personal data was compromised during the breach, The Associated Press reported.

“The sensitivity of the information is so extreme and the repercussions of this breach are so extreme, it puts the damages faced by members in a completely different category of class-action suits," lawyer Ted Charney told the wire service.  

While many of the names and email addresses posted in the data dump appear to be false, the leak exposed everything from credit card information and geolocation data to security questions for recovering lost passwords, according to The Christian Science Monitor.

The dump – which involved data linked to government officials, military personnel, top-level executives, and civil servants, among others – has since raised critical questions about the security of servers used by both government agencies and corporations as well as users’ privacy rights.

“The Ashley Madison leak is about a lot more than the public shaming of philanderers. Above all, it’s about Internet privacy,” wrote The Washington Post's Michael E. Miller, noting that journalists, security experts, and others have noted that there were 15,000 .mil or .gov email addresses among those used for the site.

As John Herman wrote for The Awl:

We associate the cost of hacks mostly with identity theft and financial loss, from which most victims are pretty well insulated. You may know someone affected by that hack, but the resulting damages were likely mostly absorbed by their bank or credit card company.

This, on the other hand, is basically unprecedented....This is new territory in terms of personal cost.

The Impact Crew, the hacking group behind the breach, appeared to have aimed at maximizing damage to the company, based on a statement it released alongside the data dump: “It was [Avid Life Media] that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you'll get over it."

The new lawsuit also points the finger at Ashley Madison and its owners, claiming in a statement that users “are outraged that AshleyMadison.com failed to protect its users’ information. In many cases, the users paid an additional fee for the website to remove all of their user data, only to discover that the information was left intact and exposed.”

Some experts have noted that the breach could have been worse, had Avid Life Media not employed the type of encryption it did.

But others point to a broader problem that sites like Ashley Madison embody: The use of customers’ data as objects to be owned. In an op-ed for the Monitor, D.E. Wittkower, an author and assistant professor who teaches on philosophy of technology, digital culture, and computer ethics at Old Dominion University, said he found the practice of deleting customers’ data for a fee to be “strikingly similar to revenge porn.”

To protect people in a digital environment, we need to promote legislative approaches that recognize and respect conversations, sexting, and selfies not as objects but as human activities; as asynchronous and digitally transferrable moments of a person’s life, deserving of respect and care.

The suit's class-action status still needs to be verified by the Ontario Superior Court of Justice.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.