RICHMOND, Va. — A challenge by the Wikimedia Foundation to the National Security Agency’s (NSA’s) upstream surveillance activities was properly dismissed under the state secrets privilege, a divided Fourth Circuit U.S. Court of Appeals panel held Sept. 15, finding that the Foreign Intelligence Surveillance Act (FISA) does not displace the privilege.
SAN JOSE, Calif. — Consumers accusing Apple Inc. in a putative class complaint of unlawfully obtaining unauthorized recordings of communications via its preinstalled digital assistant, Siri, have failed to allege economic injury, a federal judge in California ruled Sept. 2, partially granting Apple’s motion and dismissing a claim under California’s unfair competition law (UCL).
HARRISBURG, Pa. — An employment staffing company accused of failing to safeguard private health information (PHI) contained in Pennsylvania Department of Health (DOH) COVID-19 contract tracing lists and then timely notify those affected after a data breach moved Sept. 10 for dismissal of a putative class complaint by one of the woman allegedly on the lists for failure to allege an injury-in-fact and state a claim upon which relief may be granted.
CHICAGO — One day after a businessowners liability insurer filed a notice of voluntary dismissal, a federal court in Illinois on Sept. 10 dismissed the insurer’s lawsuit seeking a declaration that it does not owe coverage for an underlying lawsuit alleging that the owners and operators of Wing Stop violated the Biometric Information Privacy Act (BIPA) by capturing, collecting, storing and/or disseminating its employees’ biometric information without their valid consent.
SAN FRANCISCO — Materials related to an app developer investigation (ADI) conducted by Facebook Inc. after the Cambridge Analytica data-sharing incident are nonprivileged and discoverable, a California federal magistrate judge held Sept. 8, finding that the investigation was conducted by non-attorneys primarily for business, not legal, purposes.
SAN FRANCISCO — Two months after oral argument was heard in California federal court on documents withheld by the Department of Homeland Security (DHS) in response to Freedom of Information Act (FOIA) requests made by the American Civil Liberties Union Foundation (ACLUF) regarding the government’s social media surveillance program, the court, in a Sept. 8 clerk’s notice docket entry, asked DHS to clarify its position on one of the invoked FOIA exemptions.
CLEVELAND — An Ohio federal judge on Sept. 7 denied Sonic Corp.’s motion for summary judgment over a negligence claim brought against it by a class of financial institutions (FIs) related to the fast food chain’s 2017 data breach, with the judge finding that questions of material fact existed and holding that the key matter of proximate cause should be decided by a jury.
RICHMOND, Va. — Six months after the Fourth Circuit U.S. Court of Appeals heard oral arguments in a dispute over whether the state secrets privilege precludes in camera review of documents that purportedly establish Wikimedia Foundation’s constitutional claims over surveillance activities of the National Security Agency (NSA), Wikimedia on Sept. 2 filed a brief arguing that a recent Ninth Circuit U.S. Court of Appeals surveillance-related suit is very different from, and therefore inapplicable to, the present case.
SAN JOSE, Calif. — Responding to Google LLC’s latest motion to dismiss putative class claims alleging unauthorized recording of users’ conversations by Google Assistant (GA) devices, the lead plaintiffs on Aug. 30 argue that they obtained their respective devices based on Google’s representations that consumers controlled when the conversations would be recorded.
TAMPA, Fla. — After multiple rounds of briefing and a contrary view by a magistrate judge, a Florida federal judge on Aug. 25 granted final approval to the settlement of a class action over a 2019 data breach experienced by Checkers Drive-In Restaurants Inc., with the judge finding that the lead plaintiffs sufficiently establish standing to bring their claims, declining to adopt the magistrate’s recommendation to deny approval.
NEW ORLEANS — A security company that properly intervened in a class lawsuit accusing a former employee of privacy violations when he allegedly accessed security cameras dozens of times after they were installed is a primary defendant under the Class Action Fairness Act (CAFA), a Fifth Circuit U.S. Court of Appeals panel ruled Aug. 24, reversing a trial court’s remand order that had been based on CAFA’s “home state” exception.
NEW YORK — A policyholder with Lemonade Inc. filed suit against his insurer in New York federal court on Aug. 20, claiming that the company uses automated chatbots to collect its customers’ biometric data without notice or consent, alleging putative class claims for breach of contract and deceptive trade practices.
CINCINNATI — Sonic Corp. failed to establish the need for an interlocutory appeal of a trial court’s ruling granting class certification to a group of plaintiff financial institutions (FIs) in a consolidated class action over the fast food chain’s 2017 data breach, a Sixth Circuit U.S. Court of Appeals panel ruled Aug. 24, finding that some of the defendant’s arguments pertain to causation rather than class certification.
LOS ANGELES — Two months after a California federal judge stayed, in favor of arbitration, claims brought against Ring LLC by plaintiffs who purchased a product from or created an account with the company, the remaining nonpurchaser plaintiffs on Aug. 23 filed a second amended class complaint (SAC) in which they accuse the security device company of an “egregious failure to provide the safety and security it ostensibly promises its customers,” alleging claims for negligence, invasion of privacy and unfair competition.
NEW ORLEANS — Amicus curiae American Property Casualty Insurance Association on Aug. 20 filed a brief in support of a commercial general liability insurer’s petition for rehearing en banc after a quorum panel of the Fifth Circuit U.S. Court of Appeals reversed a lower federal court’s finding that it has no duty to defend against an underlying lawsuit seeking to recover damages purportedly caused by a data breach of the insured’s credit card processing system.
CHICAGO — The plaintiffs in a multidistrict litigation over a massive database of photographs created by Clearview AI Inc., ask an Illinois federal judge in an Aug. 19 reply brief to compel defendant Macy’s Inc. to comply with a court order requiring the submission of initial discovery and responses to a first round of interrogatories, asserting that the retailer is attempting to avoid its discovery obligations with its filing of a motion to stay.
SAN FRANCISCO — With a California man’s filing of a putative class action in California federal court on Aug. 20, at least six federal complaints have now been filed against T-Mobile USA Inc., in the wake of the mobile carrier’s announcement of a data breach that compromised the personally identifiable information (PII) of millions of its customers.
OAKLAND, Calif. — A California federal judge on Aug. 16 granted a California company’s motion to dismiss a putative class action filed against it by an England resident under the United Kingdom’s version of the European Union’s (EU’s) General Data Protection Regulation (U.K. GDPR), finding that the grounds of forum non conveniens and international comity compelled dismissal of the case with a plaintiff and proposed class composed entirely of U.K. residents.
EUGENE, Ore. — A federal magistrate judge in Oregon on Aug. 13 partially granted a motion to obtain release of medical records for incarcerated individuals who died following positive tests for COVID-19; the records were requested by individuals who sued on behalf of three proposed classes and accuse Oregon and various officials of failing to properly protect those incarcerated from the coronavirus pandemic.
SAN FRANCISCO — A federal magistrate judge in California on Aug. 13 dismissed for a second time a putative class complaint accusing an online jewelry store and its software provider of wiretapping and privacy violations for tracking users’ actions, finding that there are no allegations of wiretapping or injury that create a private right under California’s Invasion of Privacy Act.