Newsletter RSS

Mealey's Data Privacy

  • October 14, 2019

    LinkedIn Asks 9th Circuit To Reconsider Injunction In CFAA Data-Scraping Suit

    SAN FRANCISCO — A panel’s ruling that allowed an analytics firm to collect and use publicly available user data “pose[s] a grave threat to user privacy and the openness of the Internet” and runs counter to the intent of the Computer Fraud and Abuse Act (CFAA), LinkedIn Corp. tells the Ninth Circuit U.S. Court of Appeals in an Oct. 11 petition in which it seeks en banc rehearing of the panel’s decision that upheld an injunction permitting the data collection (hiQ Labs Inc. v. LinkedIn Corp., No. 17-16783, 9th Cir.).

  • October 14, 2019

    Data Breach Class Action Against Compliance Firm Settles For $3 Million

    CHICAGO — A $3 million settlement agreement between a compliance services firm and a class of its clients’ employees whose personally identifiable information (PII) was exposed in a 2018 data breach received final approval from an Illinois federal judge on Oct. 7, the same day a fairness hearing on the agreement was held (Marshall Smith, et al. v. ComplyRight Inc., No. 1:18-cv-04990, N.D. Ill., 2019 U.S. Dist. LEXIS 174217).

  • October 11, 2019

    Facebook Seeks To Appeal Article III Standing Ruling In Data-Sharing Class Action

    SAN FRANCISCO — One month after a California federal judge mostly denied its motion to dismiss class claims against Facebook Inc. over its sharing of users’ personally identifiable information (PII) with an analytics firm, the social network on Oct. 8 moved to certify the ruling for interlocutory appeal, seeking the Ninth Circuit U.S. Court of Appeals’ opinion on whether the plaintiffs’ claimed privacy injury is sufficient to establish standing under Article III of the U.S. Constitution (In re Facebook Inc., Consumer Privacy User Profile Litigation, No. 3:18-md-02843, N.D. Calif.).

  • October 10, 2019

    $13 Million Settlement Of Google Street View Class Action Preliminarily Approved

    SAN FRANCISCO — The settlement of a nine-year-old privacy lawsuit over Google LLC’s Street View feature received preliminary approval on Oct. 9 from a California federal judge, who found that the proposed class established standing under Article III of the U.S. Constitution and deemed the proposed $13 million settlement agreement to be “likely fair, reasonable, and adequate” (In re Google LLC Street View Electronic Communications Litigation, No. 3:10-md-02184, N.D. Calif.).

  • October 09, 2019

    11th Circuit Grants Rehearing En Banc In Godiva FCRA Lawsuit

    ATLANTA — An en banc 11th Circuit U.S. Court of Appeals will rehear the appeal of a $6.3 million settlement by Godiva Chocolatier Inc. to end class claims that it violated the Fair Credit Reporting Act (FCRA) by printing more than five digits of credit card numbers on receipts, a majority of the 11th Circuit ruled Oct. 4 (James H. Price, et al. v. Godiva Chocolatier, Inc., No. 16-16486, 11th Cir., 2019 U.S. App. LEXIS 30027).

  • October 08, 2019

    Plaintiffs, Franchisor Oppose Production Of Confidential Spyware Suit Settlement

    ERIE, Pa. — On Oct. 4, a Wyoming couple who sued a rent-to-own (RTO) franchisor and franchisee over the installation of spyware on their laptop jointly filed a brief with the franchisor, with whom they recently settled their claims, opposing the franchisee’s motion to compel production of the confidential settlement agreement, asserting that a settlement is irrelevant to any remaining claims and defenses in the case (Crystal Byrd, et al. v. Aaron’s Inc., et al., No. 1:11-cv-00101, W.D. Pa.).

  • October 04, 2019

    Class Opposes Rehearing In Appeal Of Facebook Privacy Certification Ruling

    SAN FRANCISCO — A class suing Facebook Inc. for violating an Illinois privacy law with its “tag suggestions” photo-tagging feature filed a brief on Oct. 1 asking the Ninth Circuit U.S. Court of Appeals to deny the social network’s petition to rehear en banc a panel’s affirming a trial court’s certification of the class, arguing that the ruling did not create any splits and did not invoke any questions of exceptional importance (In re Facebook Biometric Information Privacy Litigation, No. 18-15982, 9th Cir.).

  • October 03, 2019

    Union Asks D.C. Circuit To Deny OPM’s Rehearing Motion In Data Breach Suit

    WASHINGTON, D.C. — A District of Columbia Circuit U.S. Court of Appeals panel correctly reversed the dismissal of its privacy and negligence claims against the U.S. Office of Personnel Management (OPM) and one of its contractors related to a 2015 data breach, a plaintiff labor union and a group of government employees assert in a Sept. 30 brief opposing the agency’s motion for rehearing, arguing that the appeals court correctly found that the plaintiffs have standing to sue based on identity theft and fraud that they have already experienced as a result of their personally identifiable information (PII) being stolen in the breach (In Re:  U.S. Office of Personnel Management Data Security Breach Litigation, Nos. 17-5217 & 17-5232, D.C. Cir.).

  • October 03, 2019

    Convicted Killer Loses Daubert Challenge Over Cell Phone Tower Testimony

    ANCHORAGE, Alaska — An Alaska federal judge on Oct. 1 denied a petition for a writ of habeas corpus filed by a man convicted of murdering his ex-girlfriend, finding that he is not entitled to relief on the ground that the state trial court erred by not holding a hearing under Daubert v. Merrell Dow Pharmaceuticals Inc., 509 U.S. 579 (1993), to review an expert’s cell phone tower testimony (Bukurim Miftari v. Earl Houser, No. 3:19-cv-00091, D. Alaska, 2019 U.S. Dist. LEXIS 170018).

  • October 02, 2019

    Capital One Data Breach Suits Centralized In Virginia Federal Court

    WASHINGTON, D.C. — The U.S. Judicial Panel on Multidistrict Litigation (JPMDL) issued a transfer order on Oct. 2, centralizing 21 class actions over the recently announced data breach experienced by Capital One Financial Corp. in Virginia federal court (In re Capital One Customer Data Security Breach Litigation, No. 2915, JPMDL).

  • October 02, 2019

    Marriott Seeks Dismissal, Discovery Related To Bank’s Data Breach Class Claims

    GREENBELT, Md. — Marriott International Inc. filed a reply brief Sept. 27 supporting its motion to dismiss a Louisiana bank’s complaint, which is part of a multidistrict litigation over a data breach the hotel chain announced a year ago, telling a Maryland federal court that the bank’s negligence claims are precluded under the economic loss doctrine and arguing that recently submitted documents cast doubt upon the bank’s standing, thus necessitating discovery on the matter (In re:  Marriott International Inc. Customer Data Security Breach Litigation, No. 8:19-md-02879, D. Md.).

  • October 01, 2019

    Employer Agrees To Provide Identity Theft Protection After W-2s Released

    PHILADELPHIA — A federal judge in Pennsylvania on Sept. 24 granted final approval to a data theft class settlement between an employer and its employees that will provide identity theft protection and monetary payments of up to $1,500 if the class members show their stolen data was used following the release of their W-2s by another employee (Tashica Fulton-Green, et al. v. Accolade, Inc., No. 18-274, E.D. Pa., 2019 U.S. Dist. LEXIS 164375).

  • September 30, 2019

    No Actionable Misstatement Leads To Dismissal Of Facebook Investor Claims

    SAN JOSE, Calif. — A federal judge in California on Sept. 25 ruled that lead plaintiffs in a consolidated securities class action against social media networking website Facebook Inc. and several of its senior executives failed to sufficiently plead an actionable misrepresentation or omission concerning 35 of 36 alleged misstatements in violation of federal securities laws made concerning the company’s privacy and data protection practices (In re Facebook Inc. Securities Litigation, No. 18-1725, N.D. Calif., 2019 U.S. Dist. LEXIS 166027).

  • September 25, 2019

    Kansas Secretary Of State Denies Privacy Violations In Voter Data Sharing

    KANSAS CITY, Kan. — Two weeks after a Kansas federal judge denied their motions to amend and reconsider a ruling allowing state residents’ privacy claims related to a voter data-sharing program to proceed, the Kansas secretary of State (KSOS) and his predecessor teamed up to file an answer to their complaint on Sept. 19, denying the constitutional and state law claims against them (Scott Moore, et al. v. Kris Kobach, et al., No. 2:18-cv-02329, D. Kan.).

  • September 25, 2019

    Class In Zappos Data Breach Suit To Receive Discount Codes In Settlement

    RENO, Nev. — A Nevada federal judge on Sept. 19 preliminarily approved the settlement of a seven-year-old class action against online retailer Zappos.com Inc. over a 2012 data breach, under which the settlement class members will each receive a one-time discount code that they can use to make online purchases from Zappos (In Re Zappos.com Inc., Customer Data Security Breach Litigation, No. 3:12-cv-00325, D. Nev.).

  • September 24, 2019

    Home Depot, Banks Bicker Over Attorney Fees Award In Remanded Data Breach Suit

    ATLANTA — Two years after Home Depot Inc. and a class of financial institution (FI) plaintiffs reached a $25 million settlement over the home supply company’s 2014 data breach, the parties submitted filings in Georgia federal court on Sept. 23, disputing how the court’s previous attorney fees award is affected by an 11th Circuit U.S. Court of Appeals ruling that partly reversed it (In Re:  The Home Depot Inc., Customer Data Security Breach Litigation, No. 1:14-md-02583, D. Ga.).

  • September 24, 2019

    Capital One Data Breach Plaintiff Asks JPMDL To Consolidate In Virginia

    WASHINGTON, D.C. — With at least 61 lawsuits filed in the wake of the data breach announced by Capital One Financial Corp. in July, a health services company on Sept. 16 became the latest plaintiff to argue in favor of consolidation, telling the U.S. Judicial Panel on Multidistrict Litigation (JPMDL) that a Virginia federal court is the most appropriate venue (In re:  Capital One Consumer Data Security Breach Litigation, No. 2915, JPMDL).

  • September 23, 2019

    Pa. County Challenges Estimated $68M Class Verdict In Inmate Search Tool Case

    PHILADELPHIA — A Pennsylvania county and its correctional facility, in two separate reply briefs filed Sept. 20, asked a federal judge in Pennsylvania to issue judgment as a matter of law,  order a new trial or grant a motion for remittitur, following a May 28 jury verdict awarding what is estimated to equal $68 million to a class of inmates who sued over an online search tool that provided the public with their mugshots and arrest information (Daryoush Taha v. Bucks County, et al., No. 12-6867, E.D. Pa.).

  • September 19, 2019

    Amended Complaint Filed Against Amazon Over Alexa Children’s Privacy Concerns

    LOS ANGELES— A minor California resident filed a first amended complaint (FAC) against Amazon.com Inc. in California federal court on Sept. 18, alleging violation of a state privacy law via the unauthorized recording of children’s voices through Amazon’s digital assistant Alexa (R.A. v. Amazon.com Inc., et al., No. 2:19-cv-06454, C.D. Calif.).

  • September 19, 2019

    Chamber Of Commerce Supports Facebook’s Rehearing Bid In Biometric Privacy Suit

    SAN FRANCISCO — The U.S. Chamber of Commerce was one of five amici curiae that filed briefs Sept. 16 supporting Facebook Inc.’s petition for rehearing, asking the Ninth Circuit U.S. Court of Appeals to reconsider a panel’s ruling that affirmed certification of a class seeking damages under the Illinois Biometric Information Privacy Act (BIPA), with the chamber arguing that certification was improper because the plaintiffs have not pleaded any harm from the social network’s use of facial recognition technology in its “Tag Suggestions” feature (In re Facebook Biometric Information Privacy Litigation, No. 18-15982, 9th Cir.).