Schadenfreude, the German word for joy at the pain or misery of others, is one of the more perfect lingual creations of mankind.
For one, it is probably the most perfectly German word/concept imaginable. The world’s more public relations- oriented people generally don’t like to admit to feeling joy at the suffering of others. Germans, on the other hand, came up with a really, really specific and highly efficient term for it.
And we all know what it is like to get a small endorphin rush when we get to watch a bad thing happen to a bad person.
Or, in the case of the Ashley Madison hack — a large group of bad people.
In fairness, bad is putting too fine a point on it. There are a lot of reasons one might find themselves on a website that offers adultery-on-demand — and probably many of them do not involve being a terrible person or even a bad person.
In fact many of those caught up in the hack literally had never had any involvement with Ashley Madison and were shocked to learn that someone else was engaging in cyber-adultery using a Yahoo account they stopped using in the early 2000s.
However, it is hard to hear the sad tales of those who put their real names, personal email address or – even better – their work email addresses (because their wife might see their personal email) and real credit card numbers into a site that exists purely to help people find extramarital companionship and feel an excessive amount of pity. Even if one is not tempted to judge another person’s morals, it is hard not to question their judgement in that situation.
And so when the news broke over the summer, the Internet had a good chuckle at the Ashley Madison user-base’s unfortunate predicament. The entire Internet. Even the social media feed of the usually relatively innocuous 800-FLOWERS got in on the gag.
However, once the immediate headlines died down and the initial giggle fits subsided, the world moved on. Unless you were one of the unfortunate thousands who lived to see their personal data go up for grabs on the Web. Most might have even forgotten about the great vigilante hacking of the summer of 2015.
But the hacked did not forget. Instead, they sued.
Anonymously.
In the wake of the Scarlet Letter hack, a class of 42 John Does came forward, sort of, to press their contention in court that Ashley Madison and its parent, Avid Life Media, failed to adequately safeguard the privacy and failed to delete the accounts of customers who had paid additional fees for the specific purpose of having their names purged forevermore from the Ashley Madison servers.
Ashley Madison took the money, but the hackers managed to find those accounts still in their servers and did what any reasonable group of cybercriminals would do: leaked the names of those who most wanted their names not to be leaked.
The John Does were allowed to file their initial complaint anonymously – and had asked for the ability to pursue the entire case that way. There is some legal precedent for allowing plaintiffs to be anonymous in civil cases (due to the confrontation clause of the 6th amendment this is basically non-existent in criminal proceedings).
Counsel for the plaintiffs in the class action suit against Avid Life noted that the clients ought to be allowed to proceed without identifying themselves given the “potentially catastrophic personal and professional consequences that could befall them and their families.”
Counsel for Avid Life, notably didn’t agree. Their counter argument is that the plaintiffs’ sexual preferences and habits, however embarrassing, “do not constitute information of the utmost intimacy so as to require anonymity.” They further argued that there were far more past precedents for allowing embarrassing and even economically damaging information, if doing so is in the public good.
We’ll give you a second to consider an adultery-themed website advocating the importance of transparency to the public good.
The judge did not quite buy Avid Life’s argument, noting that the data in play here is “above the level of mere embarrassment or harm to reputation” and could cause real and serious damage in people’s lives.
However, he also noted that since the thing that brings everyone to court is the fact that this data was hacked and released onto the Internet, it is no longer exactly top secret.
“The personal and financial information plaintiffs seek to protect has already been released on the Internet and made available to the public,” he wrote in the April 9 ruling (which was recently made public).
The judge therefore ruled that at least some members of the class must come forward and be named for the case to proceed. He did note that while anonymous participation might be possible when positively identified “representatives of the class” have come forward, named participants would benefit more from an eventual settlement than the unnamed.
Alternately, all 42 unnamed here could dismiss their claims and go on to sign on anonymously when (and if) a class is certified. Currently, there are eight named plaintiffs who have come forward in similar suits filed in other districts.
Which means that for all of the headlines this news captured yesterday, those 42 John Does won’t have to identify themselves after all — they can decide to make a bit less on the case and instead step forward if the case is allowed to move forward and the various individual class-action suits against Avid are collapsed into a single suit.
However, before we all chalk this up to one of the “funny things that happened this week,” it bears a minute to reflect on some of the larger issues that this might forebode.
And while we might not feel all that bad for adulterers with bad judgement, we can imagine all kinds of situations where someone’s privacy could be violated through a service they had voluntarily contracted to use.
As we pointed out when the story first broke, the easy area to worry about is electronic health records, since EHR is new, popular and a seeming goldmine of sensitive data about consumers. A consumer whose health care provider may have been breached (heaven forbid) may actually prefer to remain anonymous if their records disclose sensitive personal medical information that they wouldn’t want their neighbors or employer to know.
While the judge noted that victims of sexual crimes, LGBTQ people or other cases involved with hot-button issues might require anonymity, those who had voluntarily signed on to use a service whose data has already been hacked anyway must stand up and identify themselves.
Now of course there only need to be a few identified class members, and if a site specializing in adultery can get named members into the class action suit against it, arguably any class action suit can find named members.
But it does beg the question: Why should consumers who’ve already had their privacy violated have to submit to greater losses of privacy to seek redress for a crime committed against them in which they were an innocent victim?
We’d love your thoughts.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More