Mealey's Data Privacy

  • March 24, 2017

    New Expert Report In Spying Software Suit Struck, Deemed To Be Too Late

    ERIE, Pa. — A second expert report filed by the lead plaintiffs in a proposed class action over spying software when they filed their reply brief in support of their renewed motion for class certification was filed too late, a Pennsylvania federal magistrate judge ruled March 22, striking the new report (Crystal Byrd, et al. v. Aaron’s, Inc., et al., No. 11-101, W.D. Pa., 2017 U.S. Dist. LEXIS 41030).

  • March 22, 2017

    Samsung Hit With Class Complaint Over Smart TV Eavesdropping

    NEWARK, N.J.  — An owner of smart TVs made by Samsung Electronics America Inc. filed a putative class complaint against the manufacturer in New Jersey federal court March 10, alleging that consumers’ private conversations were secretly recorded and intercepted, in violation of the New Jersey Consumer Fraud Act (CFA) and federal privacy laws (Joshua Siegel v. Samsung Electronics America Inc., No. 2:17-cv-01687, D. N.J.).

  • March 22, 2017

    Amici To 9th Circuit: Personal Info Should Be Redacted From Fetal Tissue Records

    SAN FRANCISCO — Researchers, civil rights organizations and physicians on March 16 filed amicus curiae briefs in the Ninth Circuit U.S. Court of Appeals supporting a trial court’s preliminary injunction ordering the redaction of individuals’ personally identifiable information (PII) from responsive documents in an anti-abortion advocate’s public records request related to fetal tissue research (Jane Does 1-10, et al. v. David Daleiden, et al., No. 16-36038, 9th Cir.).

  • March 21, 2017

    COMMENTARY: Protecting Company Assets With Cyber Liability Insurance

    By Eileen Garczynski, Ames & Gough and Syed Ahmad, Hunton & Williams LLP

  • March 20, 2017

    Federal Judge: Computer Fraud Policy Provision Does Not Cover Insured’s Loss

    ATLANTA — A federal court in Georgia on March 20 entered judgment in favor of an insurer on an insured’s breach of contract and bad faith claims four days after a judge found that the insured’s losses arising from a 2014 hacking incident of its payment-card reloading system did not trigger coverage under the insurance policy’s computer fraud provision (InComm Holdings Inc., et al. v. Great American Insurance Co., No. 15-02671, N.D. Ga., 2017 U.S. Dist. LEXIS 38132).

  • March 17, 2017

    Judge Denies Approval Of Google Email-Scanning Class Settlement

    SAN JOSE, Calif. — In a March 15 order, a California federal judge denied preliminary approval of a proposed settlement of a class action over Google Inc.’s practice of scanning emails of non-Gmail users, faulting the lack of clear notice and disclosures in the settlement and finding it unclear that the settlement is “fundamentally fair, adequate, and reasonable” (Daniel Matera, et al. v. Google Inc., No. 5:15-cv-04062, N.D. Calif., 2017 U.S. Dist. LEXIS 37370).

  • March 16, 2017

    DOJ Announces Indictment Of Russian Nationals In Yahoo Hacking Incidents

    SAN FRANCISCO — In a March 15 press release, the U.S. Department of Justice announced that a California federal grand jury has indicted four individuals for computer fraud, trade secret theft and related charges in connection with the recently announced breaches of Yahoo Inc.’s network, including two officers in Russia’s Federal Security Service (FSB) (United States of America v. Dimitry Dokuchaev, et al., No. 17-278, N.D. Calif.).

  • March 13, 2017

    Class Suit Over Costco Employment Application’s FCRA Disclosure Will Proceed

    SEATTLE — A Washington federal judge on March 10 denied a motion to dismiss filed by Costco Wholesale Corp. in a class complaint accusing the retailer of violating the Fair Credit Reporting Act (FCRA) by failing to provide a full and correct disclosure when requesting authorization to conduct background checks of job applicants (Julius Terrell v. Costco Wholesale Corp., No. 16-1415, W.D. Wash., 2017 U.S. Dist. LEXIS 34821).

  • March 13, 2017

    Sex Toy Maker Seeks To Settle Privacy Suit For $3.75 Million

    CHICAGO — A sex toy maker accused of wrongfully collecting highly sensitive personal information about its consumers’ usage of its products seeks to settle a class complaint for approximately $3.75 million, the plaintiffs state in a motion for preliminary approval of the class action settlement filed March 9 in an Illinois federal court (N.P., et al. v. Standard Innovation [US], Corp., d/b/a We-Vibe, No. 16-8655, N.D. Ill.).

  • March 9, 2017

    Banks Seek Approval Of $27.2 Million Settlement In Home Depot Data Breach Suit

    ATLANTA — A putative class of banks and financial institutions (FIs) on March 8 filed an unopposed proposed settlement of their claims against The Home Depot Inc. arising from a 2014 data breach, asking a Georgia federal court to approve the $27.2 million settlement that they state was the result of good-faith arm’s-length negotiations with the retailer (In re:  The Home Depot Inc., Customer Data Security Breach Litigation, No. 1:14-md-02583, N.D. Ga.).

  • March 9, 2017

    Citing WikiLeaks Releases, Plaintiffs Seek Conference In NSA Data Collection Suits

    WASHINGTON, D.C.— Noting purportedly classified documents regarding the Central Intelligence Agency’s surveillance activities, which were released in “document dumps” by WikiLeaks, the plaintiffs in two lawsuits over similar activities by the National Security Agency (NSA) on March 8 moved for an emergency status conference in District of Columbia federal court to address the intelligence community’s continuing violations and to initiate discovery proceedings so the four-year-old lawsuits can move forward (Larry Elliott Klayman, et al. v. Barack Obama, et al., Nos. 1:13-cv-00851 and 1:13-cv-00881, D. D.C.).

  • March 8, 2017

    Nationwide Seeks Stay Of Discovery In Remanded Data Breach Class Actions

    COLUMBUS, Ohio — In a March 2 motion in Ohio federal court, Nationwide Mutual Insurance Co. requests reconsideration of an earlier ruling declining to stay discovery in a pair of class actions over a 2012 data breach, arguing that the claims under the Fair Credit Reporting Act (FCRA) will likely be dismissed and calling the plaintiffs’ discovery requests broad and burdensome (Mohammad S. Galaria, et al. v. Nationwide Mutual Insurance Co., No. 2:13-cv-00118, and Anthony Hancox, et al. v. Nationwide Mutual Insurance Co., No. 2:13-cv-00257, S.D. Ohio).

  • March 7, 2017

    After Customer Consents, Amazon Submits Echo Data In Arkansas Murder Case

    BENTONVILLE, Ark. — In an Arkansas judge’s March 6 order, it was disclosed that Inc. submitted to law enforcement the recordings from an Amazon Echo device belonging to a murder defendant in compliance with a police warrant that Amazon previously sought to quash under privacy and free speech concerns (State of Arkansas v. James A. Bates, No. CR-2016-370-2, Ark. Cir., Benton Co.).

  • March 7, 2017

    Amici Argue Privacy Concerns Over Electric Smart Meters In 7th Circuit Brief

    CHICAGO — In an amicus curiae brief filed Feb. 28 in the Seventh Circuit U.S. Court of Appeals, two nonprofit public advocacy groups argue that smart electric meters installed in an Illinois city present concerns under the Fourth Amendment to the U.S. Constitution because of the volume and specificity of information collected about customers’ in-home activities (Naperville Smart Meter Awareness v. City of Naperville, No. 16-3766, 7th Cir.).

  • March 6, 2017

    Vizio Smart TV Video Privacy Class Claim To Proceed; Wiretap Claim Dismissed

    SANTA ANA, Calif. — Finding that Vizio Inc. qualifies as a “video tape service provider” under the Video Privacy Protection Act (VPPA), a California federal judge on March 2 denied dismissal of a putative class claim under the statute for the purported disclosure of consumers’ personally identifiable information (PII) via the firm’s smart TVs (In Re:  Vizio, Inc., Consumer Privacy Litigation, No. 8:16-ml-02693, C.D. Calif.).

  • March 3, 2017

    California High Court: Texts, Emails On Private Accounts Subject To Disclosure

    SAN FRANCISCO — Government agencies’ “[e]mployees’ communications about official agency business may be subject to” disclosure under the California Public Records Act (CPRA) even if they were sent or received via personal email or phone accounts, the California Supreme Court ruled March 2, reversing and remanding an appeals court’s decision (City of San Jose, et al. v. The Superior Court of Santa Clara County and Ted Smith, No. S218066, Calif. Sup., 2017 Cal. LEXIS 1607).

  • March 2, 2017

    Chicago Moves To Quash Some Discovery In DPPA Suit Against Newspaper

    CHICAGO — The city of Chicago on Feb. 28 asked an Illinois federal court to quash some of the discovery requests served on it by a newspaper alleged to have violated the Driver's Privacy Protection Act (DPPA), arguing that some of the documents are protected by an earlier court order and the attorney-client privilege (Scott Dahlstrom, et al. v. Sun-Times Media LLC, No. 1:12-cv-00658, N.D. Ill.).

  • March 2, 2017

    Class In Facebook Message-Scanning Suit Seeks Approval Of Settlement

    OAKLAND, Calif. — In a March 1 motion in California federal court, the plaintiffs in a class action accusing Facebook Inc. of privacy violations in its scanning of users’ private messages (PMs) seek preliminary approval of a settlement with the social network, noting changes that Facebook has made to its allegedly illegal practices (Matthew Campbell, et al. v. Facebook Inc., No. 4:13-cv-05996, N.D. Calif.).

  • March 1, 2017

    Suits Over ‘Google Photos’ Feature Under Illinois Biometric Law Survive Dismissal

    CHICAGO — An Illinois federal judge on Feb. 27 denied a motion by Google Inc. to dismiss two putative class complaints alleging that it violated Illinois’ Biometric Information Privacy Act (BIPA) via facial recognition capability in its “Google Photos” feature, with the judge finding that the plaintiffs sufficiently alleged that Google collected their “biometric identifiers” (Lindabeth Rivera v. Google Inc., No. 1:16-cv-02714, and Joseph Weiss v. Google Inc., No. 1:16-cv-02870, N.D. Ill., 2017 U.S. Dist. LEXIS 27276).

  • March 1, 2017

    Montana Credit Union Files Class Suit Against Arby’s Over Data Breach

    ATLANTA — Arby’s Restaurant Group Inc., a fast food chain, failed to take reasonable measures to protect customer data, a Montana federal credit union claims in its Feb. 27 class complaint filed in the U.S. District Court for the Northern District of Georgia (Valley Federal Credit Union of Montana, et al. v. Arby’s Restaurant Group, Inc., No. 17-715, N.D. Ga.).