Mealey's Data Privacy

  • April 01, 2020

    Zoom Hit With 2 Class Complaints For Sharing Data With Facebook

    SAN FRANCISCO — On March 31, Zoom Video Communications Inc. was named in its second putative class complaint in California federal court in as many days, with two users of its videoconferencing platform alleging negligence, unfair competition and privacy violations for Zoom’s admitted sharing of certain personally identifiable information (PII) of users operating its app on Apple Inc.’s operating system (iOS) (Samuel Taylor v. Zoom Video Communications Inc., No. 3:20-cv-02170, Robert Cullen v. Zoom Video Communications Inc., 5:20-cv-02155, N.D. Calif.).

  • March 31, 2020

    Facebook Users Oppose Dismissal Of Location-Data Collection Class Complaint

    SAN FRANCISCO — Maintaining that Facebook Inc. has engaged in “an egregious breach of their privacy” via “persistent, duplicitous, profit-driven collection and use” of their location data even when they opt out of such collection, four of the social network’s users filed a brief in California federal court on March 27, opposing Facebook’s motion to dismiss their putative privacy class claims (Brett Heeger, et al. v. Facebook Inc., No. 3:18-cv-06399, N.D. Calif.).

  • March 27, 2020

    Nike Must Provide Employee Names, Data In Sex Bias Class Action, Magistrate Rules

    PORTLAND, Ore. — An Oregon federal magistrate judge on March 23 granted a motion by a group of former Nike Inc. employees to compel the sporting goods giant to produce employee names and identifying information associated with certain documents that it has already provided in discovery in a sex bias suit against it, with the magistrate finding that a prior ruling and a protective order will guard the employees’ privacy interests (Kelly Cahill, et al. v. Nike, Inc., No. 3:18-cv-01477, D. Ore., 2020 U.S. Dist. LEXIS 49838).

  • March 26, 2020

    Florida Appeals Panel Quashes Discovery Of Nursing Home Patient Records

    TALLAHASSEE, Fla. — Granting in part a nursing home’s petition for certiorari of two discovery orders in a wrongful death lawsuit, a Florida appeals panel on March 24 found that an order requiring the production of certain patient records violated privacy protections of Florida laws and the state’s constitution, also holding that the requested information was not likely to lead to admissible evidence (Saints 120 LLC v. Michaele M. Moore, No. 1D19-973, Fla. App. 1st Dist., 2020 Fla. App. LEXIS 3811).

  • March 26, 2020

    Class Complaint Filed Over Children’s Clothing Maker’s Data Breach

    SAN FRANCISCO — A Virginia couple filed a putative class complaint in California federal court on March 3 against Hanna Andersson LLC, alleging negligence related to a data breach the children’s clothing retailer experienced in 2019 (Krista Gill, et al. v. Hanna Andersson LLC, et al., No. 8:20-cv-01572, N.D. Calif.).

  • March 25, 2020

    Products Liability Suit Over Apple FaceTime Eavesdropping Glitch Dismissed

    HOUSTON — A Texas federal judge on March 24 dismissed for a second time an iPhone user’s negligence and breach of warranty claims against Apple Inc., finding that the plaintiff failed to offer anything more than conclusory allegations in his claims that he was injured by a glitch in Apple’s FaceTime feature that allowed users to eavesdrop on one another (Larry D. Williams II v. Apple Inc., et al., No. 4:19-cv-00782, S.D. Texas).

  • March 25, 2020

    On Remand From High Court, Google Seeks Dismissal Of Referrer Header Privacy Suit

    SAN JOSE, Calif. — In a long-running privacy lawsuit over internet referrer headers that was previously settled, approved, appealed and remanded for a determination of standing under Article III of the U.S. Constitution, Google LLC filed a dismissal motion on remand on March 20, telling a California federal court that the plaintiffs lack standing for failure to allege any concrete harm (In re:  Google Referrer Header Privacy Litigation, No. 5:10-cv-04809, N.D. Calif.).

  • March 23, 2020

    Defense Owed For Suit Alleging Insured Violated Biometric Information Privacy Act

    CHICAGO — An Illinois appeals panel on March 20 affirmed a lower court’s ruling that an insurer has a duty to defend its insured against claims that it violated the Biometric Information Privacy Act, further affirming the lower court’s finding that the insured is not entitled to bad faith damages (West Bend Mutual Insurance Company v. Krishna Schaumburg Tan, Inc., et al., No. 19-1834, Ill. App., 1st Dist., 6th Div., 2020 Ill. App. LEXIS 179).

  • March 23, 2020

    J. Crew Asks 3rd Circuit To Again Affirm Dismissal Of FACTA Lawsuit

    PHILADELPHIA — In a March 18 appellee brief, J. Crew Group Inc. tells the Third Circuit U.S. Court of Appeals that most of the arguments raised by a customer claiming violations of the Fair and Accurate Credit Transactions Act (FACTA) by the printing of too many digits on his credit card receipts were already rejected by the court in a previous appeal six months earlier, urging the court to uphold a third dismissal ruling against the customer (Ahmed Kamal v. J. Crew Group Inc., et al., No. 19-3590, 3rd Cir.).

  • March 20, 2020

    Investor Communications Firm Data Breach Suit Dismissed For Lack Of Jurisdiction

    SAN FRANCISCO — Finding that a New York-based investor communications solutions provider did not avail itself of jurisdiction in California and did not purposefully direct any actions toward the state, a California federal judge on March 18 dismissed a putative class action against the company over a 2019 data breach for lack of personal jurisdiction (Phillip Toretto, et al. v. Mediant Communications Inc., No. 3:19-cv-05208, N.D. Calif., 2020 U.S. Dist. LEXIS 47123).

  • March 20, 2020

    Sonic Seeks To Exclude Data Breach Class’s Experts, Opposes Class Certification

    CLEVELAND — One day after Sonic Corp. filed a brief in Ohio federal court opposing certification for a class of financial institutions (FIs) in a lawsuit over its 2017 data breach, the fast food chain on March 18 filed three motions to exclude the plaintiffs’ class certification experts, citing issues of qualification, relevance and reliability (In re:  Sonic Corp. Customer Data Security Breach, No. 1:17-md-02807, N.D. Ohio).

  • March 19, 2020

    $13 Million Settlement Of Google Street View Privacy Suit Receives Final Approval

    SAN FRANCISCO — Four months after a California federal judge granted initial approval of a $13 million settlement between Google LLC and a putative class suing for privacy violations related to data collection connected to the Google Street View feature, he granted the plaintiffs’ motion for final approval on March 18, overruling objections to the cy pres-only nature of the settlement (In re Google LLC Street View Electronic Communications Litigation, No. 3:10-md-02184, N.D. Calif.).

  • March 19, 2020

    Former DHS Official Indicted On Government Data Trade Secret Theft Charges

    WASHINGTON, D.C. — A former Department of Homeland Security (DHS) acting inspector general has been charged with stealing proprietary software, source code and other information from the DHS containing, among other things, the personally identifiable information (PII) of employees of the DHS and U.S. Postal Service to create software to be sold to the Department of Agriculture, according to an indictment unsealed March 6 in District of Columbia federal court (United States v. Charles Kumar Edwards, et al., No. 20-cr-66, D. D.C.).

  • March 19, 2020

    Citing Settlement, Uber Drivers Ask 9th Circuit To Dismiss Data Hack Suit

    SAN FRANCISCO — More than a month after announcing their settlement with Uber Technologies Inc. of claims arising from a 2014 database hacking incident, two of the ride share company’s former drivers on March 18 filed a motion in the Ninth Circuit U.S. Court of Appeals, seeking to voluntarily dismiss their appeal of a trial court’s third dismissal of their putative class action (Sasha Antman, et al. v. Uber Technologies Inc. No. 18-16100, 9th Cir.).

  • March 17, 2020

    Panel Reverses No Coverage Ruling For Suit Alleging Insured Violated Credit Card Act

    PASADENA, Calif. — The Ninth Circuit U.S. Court of Appeals on March 16 held that an underlying lawsuit asserting that an insured violated California’s Credit Card Act alleged an invasion of privacy that is sufficient to trigger the insurer’s duty to defend, reversing a lower court’s no coverage ruling (Brighton Collectibles, LLC v. Certain Underwriters At Lloyd's London, No. 18-56403, 9th Cir., 2020 U.S. App. LEXIS 8245).

  • March 13, 2020

    ACLU Sues DHS, TSA For Information On Use Of Facial Recognition Technology

    NEW YORK — In a complaint filed March 12 in New York federal court, the American Civil Liberties Union Foundation (ACLU) seeks to compel the U.S. Department of Homeland Security (DHS) and other government agencies to respond to its Freedom of Information Act (FOIA) request for information about the government’s use of facial recognition technology at airports and borders (American Civil Liberties Union, et al. v. U.S. Department of Homeland Security, et al., No. 1:20-cv-02213, S.D. N.Y.).

  • March 12, 2020

    Privacy Exclusion Bars Coverage For Violation Of DPPA Claim, 4th Circuit Affirms

    RICHMOND, Va. — The Fourth Circuit U.S. Court of Appeals on March 10 affirmed a lower federal court’s finding that a business liability insurer has no duty to defend against an underlying lawsuit alleging that a personal injury law firm and its attorney violated the Driver’s Privacy Protection Act (DPPA), rejecting the appellants’ contention that construing the policy exclusions against the insurer and in favor of coverage is required under North Carolina law (Hartford Casualty Insurance Company v. Davis & Gelshenen, et al., No. 19-1578, 4th Cir., 2019 U.S. Dist. LEXIS 75985).

  • March 10, 2020

    Judge:  Facebook ‘View As’ Data Breach Suit Settlement Needs Clarifications

    SAN FRANCISCO — After a hearing on a proposed settlement of class claims over a security breach of Facebook Inc.’s social network via the “view as” feature, a California federal judge on March 5 sent the agreement back to the parties to clarify several items, including confidentiality and court notification procedures for post-settlement compliance assessments (Stephen Adkins v. Facebook, Inc., No. 3:18-cv-05982, N.D. Calif.).

  • March 05, 2020

    Online Game Company Hit With Class Suit After Users’ Data Stolen

    SAN FRANCISCO — A Kansas minor and a Michigan resident filed a class complaint on March 3 in a federal court in California accusing the company that operates online games, including Words With Friends, of failing to safeguard more than 218 million users’ personal information from being hacked in September 2019 (I.C., et al. v. Zynga, Inc., No. 20-1539, N.D. Calif.).

  • March 05, 2020

    9th Circuit Affirms Approval Of Facebook Messenger Privacy Class Action

    SAN FRANCISCO — Two and a half years after a trial court granted final approval of a settlement of a class action over Facebook Inc.’s now-discontinued practice of scanning its users’ private messages (PMs) for certain information, a Ninth Circuit U.S. Court of Appeals panel on March 3 affirmed the approval over one class member’s objections, finding that the injunctive relief attorney fees established by the settlement were proportionate to the claimed privacy injuries (Matthew Campbell, et al. v. Facebook Inc., et al., No. 17-16873, 9th Cir., 2020 U.S. App. LEXIS 6643).