The Legal Intelligencer spotlights Attorney of the Year Nominee
The Legal Intelligencer spotlights Attorney of the Year Nominee and founding Lynch Carpenter LLP partner Gary Lynch, Esq. Gary "is involved in just about every major cyber breach litigation in the U.S., but such cases weren’t always his focus.”
Uber Sued for Discriminating Against Wheelchair-Users
Lynch Carpenter LLP and Disability Rights Advocates (DRA) filed a class action lawsuit against Uber, challenging the popular ride-sharing service’s failure to make wheelchair-accessible vehicles available in the Pittsburgh area through its rideshare service.
Today, Lynch Carpenter LLP and Disability Rights Advocates (DRA) filed a class action lawsuit against Uber, challenging the popular ride-sharing service’s failure to make wheelchair-accessible vehicles available in the Pittsburgh area through its rideshare service. The suit, brought by individuals in and around Pittsburgh, Pennsylvania, challenges Uber’s wheelchair-inaccessibility. The plaintiffs—four individuals who use wheelchairs—brought this action to end Uber’s discriminatory practices and policies.
Since launching its transportation service in San Francisco in July 2010, Uber has experienced explosive growth, has seized an ever-expanding market share from taxi companies, and is now a major provider of individual transportation services in over 450 cities in the United States, including Pittsburgh. However, Uber, a multi-billion-dollar company, does not provide wheelchair-accessible transportation in and around Pittsburgh, in violation of the Americans with Disabilities Act.
Uber has been sued in cities around the United States for its violation of disability laws by failing to provide wheelchair-accessible service, yet it has continued its policy of denying that service.
Uber’s failure to make accessible vehicles available through its service denies people in Pittsburgh who use wheelchairs access to reliable, on-demand transportation that could drastically improve their lives, enabling them to travel to a wider variety of destinations without having to rely on transportation via expensive and unreliable taxis, unreliable paratransit, and limited public transit. It would enable them to travel spontaneously, without having to schedule transportation hours or even days in advance. Unfortunately, Plaintiffs and members of the class are excluded from these benefits, and suffer real harm as a result.
For example, on multiple occasions Plaintiff Paul O’Hanlon has had to travel several miles by wheelchair when he has missed the last city bus. “By reason of my disability I am denied access to Uber’s on-demand transportation that allows others to move around the city on their own schedules,” he said. Similarly, Plaintiff Irma Allen must rely on her son for transportation, which requires him to take time off work and lose a day’s wages. Ms. Allen said, “My family and I are at a distinct disadvantage because Uber doesn’t provide wheelchair-accessible service. It’s not fair that we are being left behind while other folks are enjoying the benefits of Uber’s new technology.”
Michelle Iorio, Staff Attorney at Disability Rights Advocates, said, “Transportation can be a real challenge for people with mobility disabilities, who often don’t have access to their own vehicle and who frequently can’t depend on paratransit because it is unreliable. Accessible ride sharing would facilitate societal integration for persons with disabilities, and Uber’s failure to provide wheelchair-accessible service undermines this potential.”
Echoing this sentiment, Bruce Carlson, a founding partner at national class action firm Lynch Carpenter, LLP, noted: “Uber’s express business plan, as detailed in its regulatory filings, is to displace public transportation with its ride sharing services. The problem is that public transportation, where available, is largely accessible, but Uber’s ride sharing services are not. Uber wants to create a paradigm shift with respect to the provision of transportation services. But will the new paradigm realize the potential of exponentially increasing accessibility, or will it leave individuals with mobility disabilities behind?”
The lawsuit seeks modifications to Uber’s policies and practices to ensure that it makes wheelchair accessible vehicles readily available to persons who need them through its on- demand ridesharing services. Plaintiffs do not seek monetary damages.
In addition to the case filed today against Uber in Pittsburgh, DRA has filed cases against Uber in New York and California for their failure to serve riders who use wheelchairs. DRA has also filed a case against Uber’s competitor Lyft in California. These cases are critical to protecting the rights of wheelchair-users throughout the country.
A copy of the Complaint is available here.
Lynch Carpenter Partner, Gary Lynch Named the Legal Intelligencer Attorney of the Year Finalist
Today, the Legal Intelligencer announced the 2019 Professional Excellence Award winners, highlighting the great work and achievements across the full breadth of the Pennsylvania legal community and naming Gary Lynch, a partner of Lynch Carpenter, Attorney of the Year Finalist.
In the 2018 landmark cybersecurity and data privacy case, Lynch successfully argued before the Pennsylvania Supreme Court that companies have a common-law duty to protect their electronically stored employee data. The high court’s ruling reversed two controversial lower court rulings that had tossed out a lawsuit against UPMC over a data breach that exposed the personal information of tens of thousands of current and former employees.
Earlier in 2018, Lynch was appointed co-lead counsel of national multidistrict litigation brought by over 70 financial institutions against Equifax, related to the company’s 2017 data breach.
Lynch is helping to shape the emerging area of data breach and privacy law through his work on several cases over the past few years, including data breach litigation involving Target, Home Depot, UPMC and Wendy’s. He was co-lead counsel for the financial institutions suing Home Depot, following the home improvement retailer’s 2014 data breach and on the five-person executive committee overseeing the prosecution of nationwide litigation against Target for its 2013 breach.
In addition to his work in the cyber security arena, Lynch continued his consumer protection and employee wage and hour practice in 2018, serving as co-lead for plaintiffs in a trial against the Penthouse Club in Philadelphia and securing a verdict of $4.5 Million on behalf of a class of exotic dancers who were misclassified as independent contractors by the night club.
Pa. Supreme Court rules UPMC — and all employers — must protect workers' data. Doing so is harder.
Gary Lynch, Esq. and Jamisen Etzel argued and won at the Commonwealth of Pennsylvania Supreme Court that UPMC breached common law legal duty.
They said UPMC had to meet a standard of reasonable care in handling employee data, because failure to do so could result in harm and it did - to the tune of several million dollars.
Lynch Carpenter Wins Major Data Privacy Case in Pennsylvania Supreme Court
On November 21, 2018, the Supreme Court of Pennsylvania issued a landmark ruling in the case of Dittman v. UPMC in favor of employees at the University of Pittsburgh Medical Center (UPMC) represented by Lynch Carpenter. In its decision, the Supreme Court of Pennsylvania held that UPMC had a duty to reasonably protect its workers’ personal data from cyber theft. This decision will very likely have a profound impact on future data breach litigation, specifically regarding the degree to which recipients of sensitive, personally identifying information are required to act reasonably in electronically storing and safeguarding such data. Gary Lynch argued the case on behalf of the employees, with Lynch Carpenter attorney Jamisen Etzel spearheading the briefing.
How the Case Arose
In February 2014, UPMC first informed the public about its data breach. Initially, UPMC claimed the data leak involved the names, addresses, bank information, birth dates, salaries, and social security numbers of only 22 workers. Two months later, however, in April 2014, UPMC updated this information and stated that 27,000 workers had information stolen. In May 2014, UPMC finally confirmed that all of its current as well as former workers were affected by the breach.
While the extent of the breach was still being investigated, in June 2014, Lynch Carpenter filed a class action lawsuit against UPMC in the Court of Common Pleas of Allegheny County, on behalf of all UPMC employees (consisting of approximately 62,000 current workers and an undetermined number of former employees). The lawsuit alleged that UPMC:
- Failed to adopt, design, and maintain adequate security measures for worker data privacy rights.
- Failed to implement processes that would detect security breaches in a timely manner
- Failed to meet current data security industry standards regarding authentication protocols, encryption, and firewalls
- Breached its duty of reasonable care to secure personal information, and
- Violated administrative guidelines
The lawsuit sought recovery of economic losses resulting from the filing of fraudulent tax returns in the names of workers whose information was stolen, as well as the increased risk that workers faced in the future of becoming the victims of identity theft, fraud, and abuse.
The Procedural History of the Case
The case took several years before it was heard by the Pennsylvania Supreme Court. The Court of Common Pleas initially dismissed all counts in the complaint, holding that UPMC owed no duty to reasonably protect employee data from cyber theft and, in any event, such a negligence claim based solely on economic damages would be barred by Pennsylvania’s economic loss doctrine. The Superior Court later affirmed the Court of Common Pleas’ dismissal. The Supreme Court of Pennsylvania, however, ultimately reversed this decision.
The Supreme Court of Pennsylvania’s Ruling
There are two notable components to the Supreme Court of Pennsylvania’s ruling:
- Duty to protect sensitive data from cyber theft. As part of its decision, the Supreme Court of Pennsylvania rejected the concept that it was creating a “new affirmative duty” for the holders of sensitive information. Instead, the Court found it was merely applying a long-established duty to a novel scenario. As a result, the Court held that where an employer’s collection of personal data belonging to workers creates a foreseeable risk of data breach, an employer has a duty of reasonable care to secure this data. This led the Court to conclude that UPMC should have realized a cybercriminal might take advantage of vulnerabilities in the company’s computer system and steal data belonging to current and past workers.
- Negligence claims involving “purely” economic loss. In its decision, the Supreme Court of Pennsylvania further held that Pennsylvania’s economic loss doctrine does not prohibit negligence claims seeking “purely” economic damages, so long as the duty sought to be enforced arises independently of any contractual duty. In reaching this holding, the Court clarified its prior decisions enunciating and applying the economic loss doctrine and rejected any and all previous pronouncements of the doctrine by lower Pennsylvania courts which had suggested an oversimplified interpretation of the doctrine which disallowed any tort claim in which only economic damages are sought. This significant holding by the Court makes it clear that if the duty which forms the basis for a tort claim arises independently of any contractual obligation between parties, such claim is viable even if purely economic damages are sought. As a result, the Court found that UPMC had a duty to reasonably secure personal data under general principles of negligence law, and the economic loss doctrine does not prohibit the workers’ claims.
Protecting the Privacy Rights of Workers
Data breaches are occurring in our society at an alarming rate. If you are a victim of a data breach, it is important to remember that the holder of your data is obligated to act reasonably to store and protect it from cyber theft. If you believe the holder of your data has failed to uphold this duty, please contact Gary Lynch at Lynch Carpenter today by calling 1-(800)-467-5241 or contact us here.
Lynch Carpenter Wins $24 Million Dollar Award On Behalf Of Certified Class Of Mortgage Borrowers Following 13 Day Federal Court Arbitration
On March 24, 2017, a three judge panel awarded $24 million dollars to a certified class of mortgage borrowers represented by Lynch Carpenter.The award followed a 13 day arbitration trial conducted in the federal courthouse in Pittsburgh. The panel of arbitrators included a former judge from the United States District Court for the Western District of Pennsylvania and two former litigation department heads at AmLaw 100 law firms.Bruce Carlson was co-lead counsel for the class and Carlson along with his partner Gary Lynch led the Lynch Carpenter trial team that tried the case. This arbitration award represented the culmination of more than ten years of litigation, including three trips to the United States Court of Appeals for the Third Circuit and the certification of a RICO class which was affirmed by the Third Circuit. Judge Arthur Schwab was the presiding judge in the District Court.
Gary Lynch Appointed As Co-Lead Counsel For Financial Institution Plaintiffs In Home Depot Data Breach Litigation
On February 2, 2015, a federal district judge issued an order appointing Gary Lynch to serve as Co-Lead counsel responsible for managing nationwide litigation against Home Depot. All cases stemming from the data breach at Home Depot have been consolidated before U.S. District Judge Thomas W. Thrash in the Northern District of Georgia. Lynch Carpenter was initially retained by numerous financial institutions which have suffered readily quantifiable damages as a result of the data breach. Co-Lead Counsel will direct and manage proceedings on behalf of all financial institution plaintiffs.
Court Denies Targets Motion To Dismiss Financial Institution Cases In Data Breach MDL
As reported previously, Gary Lynch was elected to the Executive Committee managing litigation on behalf of a putative class of financial institutions that is pending before Judge Magnuson in the United States District Court for the District of Minnesota. On December 2, 2014, the Court issued a decision denying almost all of the arguments advanced in Target’s Motion to Dismiss the case. Developments in this case should be instrumental in shaping the body of law that is evolving in the wake of recent data breach incidents in this country.