ST. PAUL, Minn. (Legal Newsline) - A federal judge overseeing a consumer class action lawsuit filed against Target for alleged data breaches granted final approval to the settlement last month.
Judge Paul Magnuson of the U.S. District Court for the District of Minnesota -- where dozens of lawsuits were transferred to -- said the “early” settlement of the case benefits the plaintiff class “immensely” and “weighs heavily” in favor of the settlement.
According to the judge’s Nov. 17 order, the settlement provides that Target will pay $10 million to settle the claims of class members and to pay service awards to class representatives. Any residual settlement funds will not revert to Target but will be distributed as directed by the court.
Payments to class members will vary depending on each individual’s ability to document their losses.
Individuals with documentary proof of losses will be reimbursed both for out-of-pocket loss and time loss (up to two hours at $10 per hour), up to a maximum of $10,000.
The plaintiffs have estimated that the average payout for such “high value” documented claims -- where the claimed damages are more than $5,000 and there is documentation to support the claim -- will be almost $2,200 per claimant, and the average payout for lower-value documented claims will be just under $300 per claimant.
Individuals who have no documented proof of loss will receive an equal share of the settlement fund after service awards and documented-loss payments are made.
The plaintiffs have estimated that the payment for undocumented-loss claimants will be $40 per claimant.
Magnuson said the settlement also requires Target to improve its data security practices in “significant ways.”
Target also has agreed to pay all class notice and administrative expenses of the settlement. Those payments are not included in the $10 million settlement fund -- nor is any award of attorneys’ fees included in the fund.
As part of the deal, class counsel will receive fees and costs of up to $6.75 million.
Target waived its right to appeal an award of fees unless that award is greater than $6.75 million.
Vincent J. Esades of Minneapolis law firm Heins Mills & Olson PLC served as lead counsel for the class.
According to the judge’s order, class notice reached more than 80 million people, with direct notice sent to 61 million consumers. Eleven individuals objected to the settlement.
Most of those objecting argued the settlement amount is too low or that the attorneys’ fees requested are too high, or both.
“Complaints regarding the amount of the settlement do not provide a justification for rejecting that settlement,” Magnuson wrote in his nine-page order.
“In the Court’s view, the settlement represents a significant victory for a class whose legal claims are as tenuous as those here.”
The court preliminarily approved the settlement in March, certifying the class to include “all persons in the United States whose credit or debit card information and/or whose personal information was compromised as a result of the data breach that was first disclosed by Target on Dec. 19, 2013.”
Target had asked Magnuson to dismiss the class action complaint filed against it by consumers, arguing that the plaintiffs did not have standing to raise any of their claims because they cannot establish injury.
The judge admits in his final order that the injury question continued to loom over the litigation.
“Some consumers undoubtedly suffered some injuries. But many more consumers who used payment cards at Target during the period of the data breach suffered no concrete injury,” he wrote. “Moreover, proving causation for any established losses will be difficult, given the other large-scale retailer data breaches that occurred at approximately the same time as the Target breach.
“Finally, the vast majority of the class suffered very small losses, if any, because out-of-pocket losses for those consumers whose identities were stolen were limited by the card company’s reimbursement policies and the identity-theft protection Target offered to all consumers in the wake of the breach.
“These issues are just a few of the many legal and factual issues that make ultimate success in the consumer track tenuous.”
The case arises out of one of the largest breaches of payment-card security in the United States’ retail history.
Between Nov. 27 and Dec. 15, 2013 -- the peak of the year’s holiday shopping season -- computer hackers stole credit- and debit-card information and other personal information for about 110 million Target customers.
Many of the plaintiffs, in their lawsuits, alleged the retail store failed to implement and maintain reasonable security procedures and practices appropriate to the nature and scope of the information compromised in the data breach.
From Legal Newsline: Reach Jessica Karmasek by email at jessica@legalnewsline.com.