Is the race to sign up plaintiffs (and other class members) in data breach class actions akin to ambulance chasing?

Like all great lawyer answers, it depends. Data breach class actions are very hot legally. Because so many of them are happening thus resulting in myriad class actions. And why are they happening? Companies, health care entities, educational institutions, and nonprofits do not want to pay to make data secure. Generally speaking, they'd rather take the chance of being sued and losing than to fix the problem. Given how difficult it is to maintain a data breach class action in federal court due to the draconian standing requirement, this makes sense.

But it's much easier in California due to the CCPA/CPRA. This has been an absolute bonza for law firms in California or with firms that have California clients. Generally those are one in the same, but what it means, practically speaking, law firms in California scour the internet searching for potential breaches. They push blog posts, Google ads, Facebook ads, etc., and they hope they can attract a plaintiff to file first so that the lawyer. If the case isn't dismissed, it usually settles. And the class members get upwards of $750 under the CCPA. The lawyers make hundreds of thousands if not millions in fees. The mediators usually make $11,000 for a day of work. It's a nice racket.

The firms that do this kind of work remind me of law firms operating in strip malls or in your local mall. Right next to the smoothie shop and Forever 21. You know, class joints. 

I view it as predatory in nature because it does little to help aggrieved consumers, and it does even less to modify corporate behavior. 

Often I view it is akin to "ambulance chasing." 

Why Should You Care About Security and Data Privacy?

 Ignorance can be expensive. Depending upon the severity of the violation, penalties for violating the GDPR, CCPA, and HIPAA can be in the millions. 

For GDPR violations, organizations can be fined up to 4% of their global annual turnover or $20 million Euros (whichever is greater). 

CCPA violations can be up to $7,500 dollars per violation. Why do you think California law firms are falling all over themselves to hire as many lawyers to file lawsuits as fast as possible. Although the fines are paid to the State of California, civil penalties can be up to $750 per California consumer class member, which can add up to a bunch in a data breach class action lawsuit. And that's just one of the things companies might be liable for with a data breach. 

Then there's HIPAA, that frequently violated statute, where fines can be up to $1.5 million dollars per violation.