We use cookies on this site to enable your digital experience. By continuing to use this site, you are agreeing to our cookie policy. close
Newsletter RSS

Mealey's Data Privacy

  • June 24, 2019

    Judge Reports Likelihood Of Reversing Ruling For Twitter In Surveillance Suit

    OAKLAND, Calif. — In a June 21 order to show cause (OSC), a California federal judge reports that newly submitted evidence from the federal government has likely convinced her to reverse a two-year old ruling in which she declined to dismiss constitutional challenges to the Foreign Intelligence Surveillance Act (FISA) and the Espionage Act by Twitter Inc. in connection with a gag order forbidding the social network from reporting on its mandated participation in government surveillance activities (Twitter Inc. v. William P. Barr, et al., No. 4:14-cv-04480, N.D. Calif.).

  • June 21, 2019

    D.C. Circuit Revives Union’s Privacy Act Class Claim Against OPM For Data Breach

    WASHINGTON, D.C. — In a June 21 per curiam majority opinion, the District of Columbia Circuit U.S. Court of Appeals found that a labor union sufficiently alleged class claims against The U.S. Office of Personnel Management (OPM) and a contractor under the Privacy Act of 1974 related to a 2015 data breach, partly reversing a trial court’s dismissal of the consolidated lawsuit (In Re:  U.S. Office of Personnel Management Data Security Breach Litigation, No. 17-5217 & 17-5232, D.C. Cir., 2019 U.S. App. LEXIS 18609).

  • June 21, 2019

    Georgia Supreme Court Hears Arguments Over Privacy Of Automobile Data

    ATLANTA — The state of Georgia, the American Civil Liberties Union and a man convicted of vehicular homicide presented arguments to the Georgia Supreme Court on June 19 as to whether data related to a car’s air bag deployment, and related information, was properly downloaded by law enforcement investigating a deadly car crash prior to obtaining a warrant, or whether these actions violated the Fourth Amendment to the U.S. Constitution (Victor Mobley v. The State, No. S18G1546, Ga. Sup.).

  • June 21, 2019

    Preliminary Approval Granted To Settlement Of Chipotle Data Breach Class Action

    DENVER — A Colorado federal judge on June 19 granted preliminary approval to a settlement of class claims over a 2017 data breach experienced by against Chipotle Mexican Grill Inc., with the burrito chain agreeing to pay claims of affected customers without an aggregated cap (Todd Gordon, et al. v. Chipotle Mexican Grill Inc., No. 1:17-cv-01415, D. Colo., 2019 U.S. Dist. LEXIS 102304).

  • June 18, 2019

    J. Crew Again Seeks Dismissal Of Remanded FACTA Lawsuit

    NEWARK, N.J. — In a June 11 motion to dismiss, J. Crew Group Inc. says that a customer’s recently filed third amended complaint (TAC) fails to support his claim under the Fair and Accurate Credit Transactions Act (FACTA) for purportedly printing noncompliant receipts, arguing that the man pleads no new facts to support his twice-dismissed claims of an increased risk of identity theft (Ahmed Kamal v. J. Crew Group Inc., et al., No. 2:15-cv-00190, D. N.J.).

  • June 17, 2019

    7th Circuit:  Airline Workers’ Biometric Data Claims Must Go To Adjustment Board

    CHICAGO — Employees of two airlines challenging the collection of their biometric data via systems tracking their work time must take their disputes before an adjustment board pursuant to the Railway Labor Act (RLA), a Seventh Circuit U.S. Court of Appeals panel ruled June 13 (Jennifer Miller, et al. v. Southwest Airlines Co., No. 18-3476, David Johnson, et al. v. United Airlines, Inc., et al., No. 19-1785, 7th Cir., 2019 U.S. App. LEXIS 17803).

  • June 17, 2019

    9th Circuit Affirms Dismissal Of Face-Tagging Suit Against Facebook

    SAN FRANCISCO — Finding that the record established that Facebook Inc. did not use its facial recognition technology in the photo-uploading incident at the heart of a putative class action, a Ninth Circuit U.S. Court of Appeals panel on June 14 affirmed judgment in the social network’s favor on a man’s claim that it violated an Illinois biometric privacy statute (Frederick William Gullen v. Facebook Inc., No. 18-15785, 9th Cir., 2019 U.S. App. LEXIS 17969).

  • June 17, 2019

    Neiman Marcus, Customers Announce Revised Settlement Of Data Breach Class Action

    CHICAGO — Nine months after a judge declined to approve a previously proposed settlement between the Neiman Marcus Group LLC and a group of customers over a 2013 data breach, the parties filed a status report on June 12, informing an Illinois federal court that they had reached a new settlement (Hilary Remijas, et al. v. The Neiman Marcus Group, LLC, No. 1:14-cv-01735, N.D. Ill.).

  • June 13, 2019

    Amazon Hit With Class Claims For Recording Of Children’s Voices By ‘Alexa’

    SEATTLE — In a putative class complaint filed June 11 in Washington federal court, Amazon.com Inc. was accused of violating eight states’ wiretap statutes by recording and storing the voices of minors without consent or notice via the “Alexa” digital assistant (C.O. v. Amazon.com Inc., et al., No. 2:19-cv-00910, W.D. Wash.).

  • June 11, 2019

    2nd Circuit Affirms Exemption Of Surveillance Documents From ACLU’s FOIA Request

    NEW YORK — Several surveillance program documents withheld by government agencies in response to Freedom of Information Act (FOIA) requests by the American Civil Liberties Union  were properly found to be classified or privileged, a Second Circuit U.S. Court of Appeals panel found May 30, affirming a trial court’s ruling and taking the opportunity to clarify some exemptions to the FOIA, 5 U.S.C. § 552 (American Civil Liberties Union, et al. v. National Security Agency, et al., No. 17-3399, 2nd Cir., 2019 U.S. App. LEXIS 16122).

  • June 10, 2019

    Quest Diagnostics Hit With Class Complaint Over Recently Announced Data Breach

    NEWARK, N.J. — Three days after Quest Diagnostics Inc. announced that a breach of a billing vendor’s system had exposed patient information, a negligence class complaint was filed against the nationwide medical testing firm in New Jersey federal court, seeking monetary damages and security system improvements (Francis Carbonneau v. Quest Diagnostics Inc., et al., No. 2:19-cv-13472, D. N.J.).

  • June 10, 2019

    Credit Unions’ Suits Over Sonic Data Breach Consolidated With Consumers’ Suits

    WASHINGTON, D.C. — Overruling objections raised by a class of consumer plaintiffs, the U.S. Judicial Panel on Multidistrict Litigation (JPMDL) on June 5 consolidated two putative class actions filed by financial institutions (FIs) over a 2017 data breach experienced by Sonic Corp. with those previously filed by consumer plaintiffs against the fast food chain, transferring the FI’s suits to Ohio federal court (In re:  Sonic Corp. Customer Data Security Breach, No. 2807, JPMDL).

  • June 4, 2019

    Judge: TCPA Violations Arise Out Of ‘Invasion Of Privacy’; Coverage Barred

    WEST PALM BEACH, Fla. — A Florida federal judge on May 30 held that coverage for an underlying $60,413,112 consent judgment entered against an insured in a Telephone Consumer Protection Act (TCPA) violation dispute is barred by the insurance policy’s “invasion of privacy” exclusion, finding that the alleged TCPA violations arise ou tof an invasion of privacy (Jacob Horn, et al. v. Liberty Insurance Underwriters, Inc., No.18-80762, S.D. Fla., 2019 U.S. Dist. LEXIS 90194).

  • June 4, 2019

    Class Actions Filed Over Title Insurer’s Data Security Breach

    SANTA ANA, Calif. — With a California couple’s June 3 complaint against First American Title Co. in California federal court, six putative class actions have now been filed in the wake of the recent revelation of purported lapses in protecting customer data by the leading title insurance company (Antonio Barajas, et al. v. First American Financial Corp., et al., No. 8:19-cv-01078, C.D. Calif.).

  • June 3, 2019

    Facebook, Objector Tell 9th Circuit Privacy Class Plaintiffs Lacked Standing

    SAN FRANCISCO — In supplemental briefs filed May 29 at the direction of the Ninth Circuit U.S. Court of Appeals, Facebook Inc. and an objector to the underlying settlement of a class action over the social network’s now-discontinued practice of scanning users’ private messages (PMs), argue that subsequent U.S. Supreme Court rulings make it clear that the plaintiffs never properly established standing to bring their privacy claims against Facebook under Article III of the U.S. Constitution (Matthew Campbell, et al. v. Facebook Inc., et al., No. 17-16873, 9th Cir.).

  • June 3, 2019

    Criminal Acts Exclusion Does Not Bar Coverage For Class Action, Panel Affirms

    SANTA ANA, Calif. — A California appeals panel on May 31 affirmed a lower court's finding that coverage is owed for claims that an insured violated California Penal Code Section 632 by improperly recording a private interview without her knowledge and published it to third parties,  rejecting an insurer’s argument that coverage is excluded under a commercial general liability insurance policy’s criminal acts exclusion (Nautilus Insurance Company v. Monique Mingione, No. G055914, Calif. App., 4th Dist., Div. 3, 2019 Cal. App. Unpub. LEXIS 3759).

  • May 29, 2019

    Students’ Class Claims Against Shuttered College Dismissed With Prejudice

    BOSTON — A federal judge in Massachusetts on May 24 dismissed with prejudice putative class claims brought by former students of a Massachusetts college that abruptly closed its doors at the end of the 2018 academic year after a failed merger, finding that the students failed to sufficiently allege their privacy, breach of contract and other claims and that no opportunity to amend would be given (Tristan Squeri, et al. v. Mount Ida College, et al., No. 18-12438, D. Mass., 2019 U.S. Dist. LEXIS 88273).

  • May 22, 2019

    Experian Data Breach Class Submits Proposed Judgment For $170 Million Settlement

    SANTA ANA, Calif. — A week after a California federal judge granted final approval to the settlement of a class action over a 2015 data breach experienced by Experian Information Solutions Inc., the class on May 16 filed a proposed judgment releasing all claims against Experian and addressing the judge’s concerns that a previously submitted judgment was overly broad (In Re Experian Data Breach Litigation, No. 8:15-cv-01592, C.D. Calif.).

  • May 22, 2019

    Wiretap Claim Against Sex Toy Manufacturer Partly Dismissed

    OAKLAND, Calif. — Finding that certain date and time data collected by a sex toy app constituted record information, rather than the contents of a communication, a California federal judge on May 15 dismissed in part claims against a “sextech” company under the Wiretap Act, while holding that “vibration intensity” data, which was allegedly collected without user consent, qualified as communications and could support a claim under the statute (S.D. v. Hytto Ltd., No. 4:18-cv-00688, N.D. Calif.).

  • May 22, 2019

    Patient’s Breach Of Contract Claim Over Health Info Disclosure Dismissed

    KANSAS CITY, Mo. — A hospital’s motion to dismiss putative class claims over the unintentional disclosure of patients’ protected health information (PHI) was partly granted May 16, when a Missouri federal judge found that the lead plaintiff did not establish the existence of a contract that was breached by the data disclosure (K.A. v. Children’s Mercy Hospital, No. 4:18-cv-00514, W.D. Mo., 2019 U.S. Dist. LEXIS 82725).