Shotgun Pleading Shoots Equifax Data Breach Complaint in the Foot


Federal judges usually don’t take it upon themselves to throw out lawsuits at the very first step, and normally not unless one of the parties to a suit asks them to reject a case. But that is exactly what happened recently when a consumer filed a complaint against the credit reporting company Equifax Inc.

Atlanta-based consumer credit reporting agency Equifax recently announced that a massive data breach compromised the personal data of 143 million Equifax customers. The announcement resulted in a series of data breach class action lawsuits against Equifax, at least one securities class action complaint, and an enforcement action by Massachusetts Attorney General Maura Healey (D). There’s even a possibility that Equifax executives may face a shareholder derivative suit over allegations that they sold company stock after the breach was discovered, but before it was disclosed to the public.

However, aggrieved consumers shouldn’t hastily file suit, as courts don’t take kindly to thrown-together-kitchen-sink complaints. The U.S. District Court for the Middle District of Florida reviewed a complaint against Equifax seeking to represent all consumers in the U.S. affected by the breach concluded that it wasn’t up to its standards, and told the plaintiff he needs to replead his claims. 

Judge Roy B. Dalton Jr. said the 33-page, nine-count complaint “is a shotgun pleading that provides a very faulty foundation for this complex case.” The court explained that the most common type of a shotgun pleading is “a complaint containing multiple counts where each count adopts the allegation of all preceding counts, causing each successive count to carry all that came before and the last count to be a combination of the entire complaint.” 

Dismissing the complaint without prejudice, the court said that the complaint’s allegations “reflect diverse legal theories” but each allegation “improperly incorporates by reference all of the preceding paragraphs.” The court also found that the plaintiff sued two distinct defendants—Equifax Inc. and Equifax Information Services Inc.—but the allegations are “confusingly” directed to Equifax. 

Saying that such errors must be corrected before the action can proceed, the court gave the plaintiff until Oct. 6 to file an amended complaint.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.