Mealey's Data Privacy

  • February 21, 2018

    Supreme Court Told ECPA Permits Disclosure Of Decedent’s Email Account

    WASHINGTON, D.C. — In a Feb. 20 brief opposing certiorari, the siblings of a deceased Massachusetts man tell the U.S. Supreme Court that a state court ruling ordering the disclosure of the contents of their brother’s Yahoo email account does not run afoul of the Electronic Communications Privacy Act (ECPA) and creates no questions or conflicts meriting high court review (Oath Holdings Inc. v. Marianne Ajemian, et al., No. 17-1005, U.S. Sup.).

  • February 21, 2018

    Interlocutory Appeal Denied In Stolen Data Suit Against Intuit

    SAN JOSE, Calif. — Plaintiffs alleging negligence by Intuit Inc. related to incidents of fraudulent tax return filings were denied the opportunity to pursue an interlocutory appeal of an order compelling arbitration on Feb. 16, when a California federal judge concluded that an appeal would not serve to advance resolution of the case (In re Intuit Data Litigation, No. 5:15-cv-01778, N.D. Calif.).

  • February 21, 2018

    6th Circuit: Pharmacist Used Others’ Identifications To Further Fraud Scheme

    CINCINNATI — A federal judge in Kentucky erred when dismissing a count from an indictment charging a pharmacist with aggravated identity theft, a Sixth Circuit U.S. Court of Appeals panel ruled Feb. 20, finding that the defendant used the identities of a doctor and patient for the purpose of submitting a fraudulent claim to an insurance company (United States of America v. Philip E. Michael II, No. 17-5626, 6th Cir., 2018 U.S. App. LEXIS 3918).

  • February 20, 2018

    Supreme Court Declines To Consider Data Breach Article III Standing Appeal

    WASHINGTON, D.C. — In its Feb. 20 order list, the U.S. Supreme Court denied a petition for certiorari by a health insurer that argued that the District of Columbia Circuit U.S. Court of Appeals did not apply the proper actual or imminent harm standing in determining class members’ standing under Article III of the U.S. Constitution related to the exposure of their personally identifiable information (PII) in a 2014 data breach (CareFirst Inc., et al. v. Chantal Attias, et al., No. 17-641, U.S. Sup., 2018 U.S. LEXIS 1356).

  • February 20, 2018

    Financial Institutions Defend Attorney Fees Award In Home Depot Data Breach Suit

    ATLANTA — In a Feb. 16 brief to the 11th Circuit U.S. Court of Appeals, a group of financial institutions (FIs) that achieved a successful settlement of their claims related to the 2014 Home Depot Inc. data breach oppose the home improvement chain’s appeal of a subsequent $15.3 million attorney fees award, calling the amount reasonably calculated and in line with the efforts undertaken by class counsel (Northeastern Engineers Federal, et al. v. Home Depot Inc., et al., No. 17-14741, 11th Cir.).

  • February 16, 2018

    Fired Employee May Conduct Discovery Into Confidential Data Breach Suit Documents

    PHOENIX — Granting a joint discovery resolution motion filed by the parties in a wrongful termination suit, an Arizona federal magistrate judge on Feb. 14 found that an employee who was purportedly terminated for whistleblowing related to data breaches experienced by his former employer was entitled to conduct discovery into why documents related to lawsuits over those breaches were designated as confidential (Miguel Corzo v. Maricopa County Community College District, et al., No. 2:15-cv-02552, D. Ariz.).

  • February 15, 2018

    Microsoft Must Produce Foreign-Stored Emails, DOJ Tells Supreme Court

    WASHINGTON, D.C. — With oral arguments approaching on Feb. 27, the U.S. Department of Justice (DOJ) filed a reply brief on behalf of the federal government with the U.S. Supreme Court Feb. 12, arguing that the presumption against extraterritoriality does not prevent Microsoft Corp. from producing foreign-stored emails under a Stored Communications Act (SCA) warrant because the firm’s compliance with the warrant would occur domestically (United States v. Microsoft Corp., No. 17-2, U.S. Sup.).

  • February 15, 2018

    Felon Tells High Court Cell-Site Simulator Use Violated Due Process, 4th Amendment

    WASHINGTON, D.C. — In a Feb. 12 reply brief, a man convicted of firearms violations asks the U.S. Supreme Court to review whether law enforcement’s use of a device called a cell-site simulator to track his location violated his Fourth Amendment rights (Damian Patrick v. United States, No. 17-6256, U.S. Sup.).

  • February 13, 2018

    Rhode Island City Sues Intel For Meltdown, Spectre Security Vulnerabilities

    SAN JOSE, Calif. — The city of Providence, R.I., on Feb. 12 filed a consumer protection class action complaint against Intel Corp. in California federal court, charging the microprocessor chip manufacturer with unfair competition and warranty violations related to the recently discovered “Meltdown” and “Spectre” security vulnerabilities that can reportedly affect millions of computers and devices worldwide, resulting in the exposure of users’ sensitive information (Providence v. Intel Corp., No. 5:18-cv-00894, N.D. Calif.).

  • February 13, 2018

    Yahoo Users Oppose Dismissal Of Data Breach Consolidated Class Action

    SAN JOSE, Calif. — Arguing in a Feb. 9 brief that they sufficiently alleged such elements as reliance, damages and unconscionability, the lead plaintiffs in a consolidated lawsuit over data breaches experienced by Yahoo Inc. oppose the internet firm’s motion to dismiss in California federal court (In re:  Yahoo! Inc. Customer Data Security Breach Litigation, No. 5:16-md-02752, N.D. Calif.).

  • February 12, 2018

    Google Email-Scanning Class Action Settlement Receives Final Approval

    SAN JOSE, Calif. — Five and a half months after preliminarily approving a settlement between Google LLC and a class of non-Gmail users, a California federal judge on Feb. 9 granted the plaintiffs’ motion for final approval of the settlement in which Google agrees to stop scanning emails sent to Gmail users (Daniel Matera, et al. v. Google LLC, No. 5:15-cv-04062, N.D. Calif.).

  • February 8, 2018

    Arbitration, Consolidation, Stay Motions Pending In Uber Data Breach Suits

    CHICAGO — A customer of Uber Technologies Ltd. on Feb. 5 filed a motion to stay his putative class action in Illinois federal court over the ride-sharing service’s 2016 data breach, in light of a pending motion to consolidate 18 such cases before the U.S. Judicial Panel on Multidistrict Litigation (JPMDL) (Bradley West v. Uber USA LLC, et al., No. 1:17-cv-08593, N.D. Ill.).

  • January 30, 2018

    Maryland Federal Judge Grants Media’s Motion To Unseal Info In Tenants’ Class Suit

    BALTIMORE — A Maryland federal judge on Jan. 26 granted a motion to intervene filed by media organizations in a tenant class complaint against the companies that own more than a dozen Maryland apartment complexes, companies that are owned in part by the son-in-law of the president of the United States; the motion to intervene was filed for the purpose of opposing the defendants’ motion for leave to file the supplemental removal statement under seal (Tenae Smith, et al. v. Westminster Management, LLC, et al., No. 17-3282, D. Md., 2018 U.S. Dist. LEXIS 12780).

  • January 30, 2018

    Ohio Federal Judge: No Stay Or Transfer In 2nd Suit Over Whole Foods Data Breach

    CLEVELAND — An Ohio federal judge on Jan. 25 denied a motion to stay or transfer the second class complaint filed against Whole Foods Market Group Inc. over a data breach, finding that there is no overlap in the state law claims made in the two suits and that the case should proceed without interruption (Patricia Banus, et al. v. Whole Foods Market Group, Inc., No. 17-2132, N.D. Ohio, 2018 U.S. Dist. LEXIS 12289).

  • January 29, 2018

    Hospital Employees Say Economic-Loss Doctrine Permits Data-Breach Damages Claims

    PITTSBURGH — Employees of a Pennsylvania hospital whose personally identifiable information (PII) was stolen in a 2014 data breach argue in a Dec. 28 brief to the Pennsylvania Supreme Court that the state’s economic-loss doctrine does not bar their negligence claim against the hospital or related damages (Barbara A. Dittman, et al. v. UPMC, et al., No. 43 WAP 2017, Pa. Sup.).

  • January 29, 2018

    9th Circuit Affirms Dismissal Of Privacy Suit Against GM, Toyota

    SAN FRANCISCO — Plaintiffs claiming privacy and consumer violations against Toyota Motor Corp. and General Motors LLC (GM) failed allege any actual harm from the purported risk of vehicles’ computer components being hacked, a Ninth Circuit U.S. Court of Appeals panel ruled Dec. 21, affirming dismissal of their putative class claims for lack of standing under Article III of the U.S. Constitution (Helene Cahen, et al. v. Toyota Motor Corp., et al., No. 16-15496, 9th Cir., 2017 U.S. App. LEXIS 26261).

  • January 29, 2018

    Objector To 9th Circuit: Facebook Message-Scanning Settlement Benefits Counsel

    SAN FRANCISCO — The $3.89 million settlement of a class action over Facebook Inc.’s practice of scanning users’ private messages (PMs) is unfair, an objecting class member tells the Ninth Circuit U.S. Court of Appeals in a Jan. 25 brief seeking reversal of the settlement’s approval, because most of the award goes to class counsel rather than class members (Matthew Campbell, et al. v. Facebook Inc., et al., No. 17-16873, 9th Cir.).

  • January 26, 2018

    FAA, Public Interest Group Argue Drone Privacy Issues Before D.C. Circuit

    WASHINGTON, D.C. — The District of Columbia Circuit U.S. Court of Appeals heard arguments about drone privacy on Jan. 25, with Electronic Privacy Information Center (EPIC) and the Federal Aviation Administration (FAA) debating whether the agency violated the Administrative Procedure Act (APA) by not addressing privacy issues in its recent rule on drone safety (Electronic Privacy Information Center, et al. v. The Federal Aviation Administration, et al., No. 16-1297, D.C. Cir.).

  • January 25, 2018

    Group Seeks Vacatur Of Ruling Over Now-Defunct Voter Data Collection Commission

    WASHINGTON, D.C. — Arguing that an order denying requested injunctive relief against a presidential investigatory commission was mooted by its recent dissolution, a civil liberties organization argues in a Jan. 24 reply brief to the District of Columbia Circuit U.S. Court of Appeals that the order, in which a judge declined to enjoin the commission’s collection of voter data,, should be vacated and remanded for resolution of remaining issues (Electronic Privacy Information Center v. Presidential Advisory Commission on Election Integrity, et al., No. 17-5171, D.C. Cir.).

  • January 25, 2018

    Motel 6 Latino Guests File Class Complaint After Guest Info Is Turned Over To ICE

    PHOENIX — Motel 6 Operating L.P. and G6 Hospitality LLC, doing business as Motel 6, maintain a policy of disclosing guest registration information to agents of U.S. Immigration and Customs Enforcement (ICE) within the Department of Homeland Security (DHS) without requiring a warrant or reasonable suspicion of criminal acidity in violation of the U.S. Constitution, federal civil rights statutes and Arizona statutes, several unnamed Latino guests allege in a class complaint filed Jan. 23 in the U.S. District Court for the District of Arizona (Jane V., et al. v. Motel 6 Operating L.P., et al., No. 18-242, D. Ariz.).