The case highlights how "there really is a high barrier for plaintiffs to bring these kind of lawsuits," said Ethan Preston, an attorney with Kamber & Associates LLC in New York.

"It's unfortunate because there is a lot of harm that can be caused because of negligent security," he said. "But if you look at the legal basis behind the decision it is not entirely unexpected."

In fact, there are at least two other cases where similar claims have been rejected by courts, he said.

In February, a U.S. District Court in Minnesota dismissed a lawsuit brought by an individual whose personal data -- and that of over 550,000 individuals -- had been compromised when a laptop containing the information was stolen from an employee at Brazos Higher Education Service Corp. of Austin, Texas. The individual claimed that Brazos was negligent in securing the data because it was been encrypted. The court dismissed the claim, saying that Brazos had not violated any of its security obligations under Gramm-Leach Bliley Act.

Similarly, last September, a federal court dismissed a class action lawsuit against TriWest Healthcare Alliance of Phoenix. The class action members claimed that they were harmed because Triwest was negligent in allowing several hard disks containing personal information to be stolen from one of its facilities in 2002. The incident exposed personal information on over 500,000 military personnel.