Can Hacked Data Support a Fraud Claim Against an Online Dating Site?
Get Legal Help Today
Secured with SHA-256 Encryption
UPDATED: Apr 30, 2016
It’s all about you. We want to help you make the right legal decisions.
We strive to help you make confident insurance and legal decisions. Finding trusted and reliable insurance quotes and legal advice should be easy. This doesn’t influence our content. Our opinions are our own.
Editorial Guidelines: We are a free online resource for anyone interested in learning more about legal topics and insurance. Our goal is to be an objective, third-party resource for everything legal and insurance related. We update our site regularly, and all content is reviewed by experts.
Online dating services can be an effective way for single men and women to broaden their social horizons, but they can also pose risks. Apart from the difficulty of knowing whether the person who appears in an online profile is as fun, attractive, wealthy, or unattached as he or she claims to be, the Ashley Madison scandal raises the question of whether the person who appears in the profile even exists.
Ashley Madison, an online dating service based in Canada, specializes in married members who are searching for “discreet encounters.” The company’s tagline — “Life is short. Have an affair.” — has apparently attracted more than 44 million members. “Guest members” can send “winks” and browse the site for free, but only a full member who has purchased credits can send a message to another member. Fifty credits for $59 will allow members to send ten messages (or only five if they forget to turn off the “priority” flag that attaches to messages by default). But are the members with the most enticing profiles real?
Hackers who breached the Ashley Madison website claim that most of the female profiles are fake and that 90 to 95 percent of the members are male. That percentage appears to be inflated — female membership may be as high as one-third of the total — but the hacked data makes clear that many of the female profiles describe women who do not exist in the real world.
One person who analyzed the data found “evidence that Ashley Madison created more than 70,000 female bots to send male users millions of fake messages.” The fake messages were allegedly sent to guest members who had not yet purchased the credits that would entitle them to send messages of their own. Men who created guest accounts say they were inundated with suggestive messages. After they purchased credits and began replying to the messages, however, the men never heard from the women again. Many of the duped men are now complaining that fake female profiles and bot-generated messages created the illusion that the site was filled with women who were eager to meet them.
Ashley Madison Lawsuits
Not surprisingly, revelations connected with the hacked data have spurred lawsuits. A class action filed in Canada seeks to hold Ashley Madison liable for failing to protect the personal information of its users. The lawsuit is based in part on Ashley Madison’s alleged failure to delete personal information about website users, even after the users paid an additional fee to assure the deletion of that information.
Similar lawsuits filed in the United States were recently consolidated in a federal district court in St. Louis. In addition to asserting legal claims for privacy violations, some of those lawsuits allege that users were defrauded by the company’s use of bots to send messages that appeared to have come from real women.
The parent company of Ashley Madison has responded with a number of defense strategies. It is trying to force plaintiffs who sued as “John Doe” to refile their complaints using their real names, perhaps with the hope that men who were searching for extramarital partners will dismiss their lawsuits rather than make their identities public.
The company is also seeking to place litigation on hold while requiring litigants to submit their claims to arbitration. An arbitration provision was added at some point to the Ashley Madison website’s terms of service. Whether the provision is enforceable and how many of the plaintiffs it would cover are questions that have not yet been answered.
Can Hacked Data Be Used As Evidence?
The latest wrinkle in the St. Louis litigation is a battle over whether the allegedly defrauded plaintiffs will be allowed to support their claim with information that was hacked from Ashley Madison’s computers. In particular, the plaintiffs want to use emails between Ashley Madison and its outside law firm to show how the corporation and the lawyers “worked together to commit fraud.”
The emails discuss how Ashley Madison should disclose its use of bots in its terms of service without admitting any wrongdoing. One of the lawyers sent Ashley Madison proposed language that acknowledged the site’s use of fictitious profiles. The language went on to state that the profiles “are not intended to resemble or mimic any actual persons” and listed some benign purposes that the profiles allegedly served, such as market research and quality control.
The emails raise two critical questions. The first is whether the plaintiffs can use as evidence documents that were illegally taken from Ashley Madison. The plaintiffs argue that the documents are now in the public domain, that they played no role in hacking them, and they should be entitled to support their case with evidence of fraud that is now available for the entire world to see.
Are Hacked Emails From Attorneys Privileged?
The second question is whether attorney-client privilege can be asserted to keep the emails out of evidence. The plaintiffs argue that the crime fraud exception destroys the privilege. The crime fraud exception generally allows information that would otherwise be privileged to be used as evidence when the client has attempted to use a lawyer’s services to commit or cover up fraud.
The plaintiffs argue that the lawyers actively helped Ashley Madison commit fraud by misrepresenting that its bots were not meant to be perceived as real people. At least one of the lawsuits that have been consolidated in St. Louis has joined the Chicago law firm as a defendant, alleging that the firm helped Ashley Madison deceive its customers.
Ashley Madison has changed its CEO but it isn’t clear that is has changed its practices. The current disclosure, buried in the depths of its terms of services, tells site users that by using the site they “agree that some of the profiles posted on the Site that you may communicate with as a Guest may be fictitious” and that the messages they send are computer generated.
Yet the current terms claim that the purpose of fake profiles “is to provide our Guest users with entertainment, to allow Guest users to explore our Services and to promote greater participation in our Services.” The notion that site users will be entertained by fake messages that induce them to buy memberships is doubtful, as is the likelihood that users will understand that “promote greater participation” means “pay for credits so you can respond to fake messages.”