Mealey's Data Privacy

  • May 22, 2017

    Newspaper’s FOIA Suit Over Officers’ Mug Shots Denied Certiorari

    WASHINGTON, D.C. — In its May 22 order list, the U.S. Supreme Court denied a newspaper’s petition for certiorari over privacy rights connected to Freedom of Information Act (FOIA) requests for booking photos, letting stand a Sixth Circuit U.S. Court of Appeals ruling that found an FOIA exemption protecting certain “embarrassing” facts from disclosure (Detroit Free Press Inc. v. U.S. Department of Justice, No. 16-706, U.S. Sup., 2017 U.S. LEXIS 3246).

  • May 19, 2017

    Consumer Class Again Certified In Target Data Breach Class Action

    MINNEAPOLIS — After previous settlement in a class over the 2013 Target Corp. data breaches was rejected by the Eighth Circuit U.S. Court of Appeals, a Minnesota federal judge on May 17 granted a renewed certification motion by a class of consumers whose personally identifiable information (PII) was compromised in the breaches, stating that the required “rigorous analysis” confirmed the adequacy of class representation and revealed no intra-class conflict that would render the settlement unfair (In re:  Target Corporation Customer Data Security Breach Litigation, No. 14-2522, D. Minn., 2017 U.S. Dist. LEXIS 75455).

  • May 18, 2017

    Costco FCRA Disclosure Class Suit Is Sent Back To State Court

    SEATTLE — A Washington federal judge on May 16 remanded a class suit accusing Costco Wholesale Corp. of violating the Fair Credit Reporting Act (FCRA) by failing to provide a full and correct disclosure when requesting authorization to conduct background checks of job applicants, finding that a lack of subject matter jurisdiction warranted sending it back to state court and not dismissing it (Julius Terrell v. Costco Wholesale Corp., No. 16-1415, W.D. Wash., 2017 U.S. Dist. LEXIS 74567).

  • May 15, 2017

    Cell Phone Owners Allege Privacy Violations Over Firmware’s PII Forwarding

    MIAMI — In a May 12 amended complaint in Florida federal court, two cell phone owners bring privacy class claims against the phones’ manufacturer and a Chinese firmware designer that they claim is responsible for surreptitiously intercepting and forwarding their personally identifiable information (PII) (In Re BLU Products Inc. Privacy Breach, No. 1:16-cv-24892, S.D. Fla.).

  • May 15, 2017

    Taxi Driver Asks U.S. Supreme Court To Hear 4th Amendment GPS-Tracking Suit

    WASHINGTON, D.C. — In a May 2 reply brief supporting his petition for certiorari, a New York City taxi driver asks the U.S. Supreme Court to consider whether a city-run commission’s tracking of cabs via global positioning system (GPS) constitutes a violation of the Fourth Amendment to the U.S. Constitution (Hassan El-Nahal v. David Yassky, et al., No. 16-830, U.S. Sup.).

  • May 12, 2017

    Golden State Warriors Fan Opposes Motions To Dismiss App Privacy Class Action

    OAKLAND, Calif. — In a May 9 brief in California federal court, a fan of National Basketball Association team the Golden State Warriors defends her suit alleging interception of her private conversations via the team’s smartphone application, opposing the defendants’ dismissal motions and asserting that she sufficiently pleaded interception under the Electronic Communications Privacy App (ECPA) (LaTisha Satchell v. Sonic Notify Inc. d/b/a Signal360, et al., No.3:16-cv-04961, N.D. Calif.).

  • May 11, 2017

    Health Information Sharing Claims Against Facebook, Health Care Sites Dismissed

    SAN JOSE, Calif. — Because the plaintiffs in a privacy lawsuit against Facebook Inc. agreed to the social network’s data and privacy policies, a California federal judge on May 9 found that their claims related to the purported sharing of information gathered from visits to health-related websites failed in light of this consent (Winston Smith, et al. v. Facebook Inc., et al., No. 5:16-cv-01282, N.D. Calif.).

  • May 9, 2017

    Smart TV Owners Defend Privacy, Wiretap Class Claims Against Vizio

    SANTA ANA, Calif. — In a May 4 brief in California federal court, a putative class of Vizio Inc. smart TV owners oppose the manufacturer’s motion to dismiss some claims and strike the proposed class, arguing that previously identified deficiencies in its federal and state wiretap claims have been cured (In Re:  Vizio, Inc., Consumer Privacy Litigation, No. 8:16-ml-02693, C.D. Calif.).

  • May 8, 2017

    Medical App Maker Seeks Dismissal Of Privacy Suit For Lack Of Standing

    FORT LAUDERDALE, Fla. — A telehealth provider on May 2 moved to dismiss a putative privacy class action against it in Florida federal court, asserting that a user of its mobile application failed to plead an injury that established standing or to identify any contractual violations in the sharing of certain user medical information with a third-party vendor (Joan Richards v. MDLive Inc., No. 0:17-cv-60760, S.D. Fla.).

  • May 5, 2017

    Class Certification Denied In Dillard’s Employee’s Data Breach Suit Against Insurer

    CHICAGO — An employee of the Dillard’s department store chain saw her motion to certify a class action over a 2013 data breach denied May 3, when an Illinois federal judge found that individual issues dominated breach of contract claims against the retailer’s insurer, which the plaintiff faulted for permitting employees’ personally identifiable information (PII) to be exposed to identity thieves (Anne Dolmage v. Combined Insurance Company of America, No. 1:14-cv-03809, N.D. Ill., 2017 U.S. Dist. LEXIS 67555).

  • May 3, 2017

    Pokémon GO Privacy Suit Dismissed For Lack Of Standing, Actual Injury

    WEST PALM BEACH, Fla. — A player of the popular mobile game Pokémon GO saw his privacy and unfair trade practices complaint against the game’s developer get dismissed May 1, with a Florida judge finding that the plaintiff lacked standing under the Florida Deceptive and Unfair Trade Practices Act (DUTPA) because he failed to allege any actual injuries (David J. Beckman v. Niantic Inc., No. 2016-CA-008330, Fla. Cir., 15th Jud. Cir.).

  • May 3, 2017

    Zappos Customers Tell 9th Circuit PII Theft Was An Article III Injury

    SAN FRANCISCO — In a May 1 reply brief in the Ninth Circuit U.S. Court of Appeals, the lead plaintiffs in a putative class action against Zappos.com Inc. argue that the theft of their personally identifiable information (PII) in a 2012 data breach constituted a concrete injury that established their standing to pursue negligence and deceptive trade practices claims against the online retailer (Theresa Stevens, et al. v Zappos.com Inc., No. 16-16860, 9th Cir.).

  • May 2, 2017

    Lack Of Damages Dooms Michaels Stores Data Breach Suit, 2nd Circuit Rules

    NEW YORK — A Second Circuit U.S. Court of Appeals panel on May 2 affirmed dismissal of a putative class action against Michaels Stores Inc., finding that the lead plaintiff failed to allege any damages from the retail chain’s data breach and, thus, did not establish standing (Mary Jane Whalen, et al. v. Michaels Stores Inc., No. 16-260 and 16-352, 2nd Cir.).

  • May 1, 2017

    Police Officers Want Relief From Newspaper’s Discovery Requests In DPPA Suit

    CHICAGO — A group of Chicago police officers who sued a newspaper for violating the Drivers Privacy and Protection Act (DPPA) by publishing their personal information moved for a protective order in Illinois federal court on April 28, contending that the newspaper continues to seek improper and irrelevant information in discovery requests despite a previous order precluding it from doing so (Scott Dahlstrom, et al. v. Sun-Times Media LLC, No. 1:12-cv-00658, N.D. Ill.).

  • April 28, 2017

    Labor Board ALJ Finds AT&T’s Privacy Rule For Workers Is Too Broad

    WASHINGTON, D.C. — AT&T Mobility LLC’s privacy policy for employees that prohibits the recording of conversations with co-workers, managers and third parties is overly broad and violates the National Labor Relations Act (NLRA), an administrative law judge (ALJ) ruled April 25 (AT&T Mobility, LLC and Marcus Davis, No. 05-CA-178637, NLRB).

  • April 28, 2017

    Settlement Of Facebook Message-Scanning Class Action Preliminarily Approved

    OAKLAND, Calif. — A California federal judge on April 26 granted a motion to preliminarily approve settlement of a class action that accused Facebook Inc. of privacy violations related to the social network’s scanning of users’ private messages (PMs) for advertisement purposes (Matthew Campbell, et al. v. Facebook Inc., No. 4:13-cv-05996, N.D. Calif.).

  • April 26, 2017

    Horizon Again Seeks Dismissal Of FCRA Suit Over Stolen Laptops

    NEWARK, N.J. — After an appeals court revived a putative class action under the Fair Credit Reporting Act (FCRA) related to the theft of laptops containing policyholders’ personally identifiable information (PII), an insurer on April 21 filed a renewed dismissal motion in New Jersey federal court, arguing that statute governs actions of credit-reporting agencies, not health insurance providers (In Re Horizon Healthcare Services Inc. Data Breach Litigation, No. 2:13-CV-07418, D. N.J.).

  • April 25, 2017

    Credit-Reporting Firm Defends Privilege In Forensic Consultant’s Report

    SANTA ANA, Calif. — In an April 21 brief in California federal court, Experian Information Solutions Inc. opposes a motion to compel by the plaintiffs in a putative data breach class action, contending that a forensic consultant’s report on the breach constitutes legal advice that is exempt from discovery under attorney-client privilege and the work product doctrine (In Re Experian Data Breach Litigation, No. 8:15-cv-01592, C.D. Calif.).

  • April 21, 2017

    Magistrate: Disclosure Of Foreign-Stored Google Data Permissible Under SCA

    SAN FRANCISCO — In an April 19 ruling, a California federal magistrate judge denied Google Inc.’s motion to quash a warrant, issued under the Stored Communications Act (SCA), for foreign-stored data, concluding that the warrant on California-based Google constituted a domestic application of the statute that does not run afoul of the presumption against extraterritorial application of U.S. laws (In the Matter of the Search of Content That is Stored at Premises Controlled by Google, No. 3:16-mc-80263, N.D. Calif., 2017 U.S. Dist. LEXIS 59990).

  • April 21, 2017

    Privacy Class Action Filed Over Medical App’s Health Information Sharing

    FORT LAUDERDALE, Fla. — A Utah woman filed a putative class complaint April 18 against the provider of a physician consultation smartphone app, telling a Florida federal court that the app shares users’ sensitive medical information with a third-party firm, breaching the app maker’s duty to keep this information confidential (Joan Richards v. MDLive Inc., No. 0:17-cv-60760, S.D. Fla.).