Mealey's Data Privacy

  • January 15, 2021

    UCL Claim Over Social Network’s Data Breach Axed; Negligence Claim Survives                       

    SAN JOSE, Calif. — The last remaining plaintiff in a putative class action against social network operator Quora Inc. saw her lawsuit trimmed to just a single claim for negligence over a 2018 data breach on Dec. 21, when a California federal judge granted summary judgment to the defendant on a claim for violation of California’s unfair competition law (UCL), finding the negligence claim to be an adequate remedy at law to address the plaintiff’s claimed damages.

  • January 14, 2021

    Judge: Class Claims Over YouTube’s Data Collection Preempted By Privacy Law

    SAN JOSE, Calif. — A group of parents suing YouTube LLC and Google LLC (Google, collectively) for the unauthorized collection of children’s personal data failed to allege any claims that are not regulated by the Children’s Online Privacy Protection Act (COPPA), a California federal judge ruled Dec. 21, granting dismissal of class claims under California’s unfair competition law (UCL) and other states’ consumer protection laws as preempted by the federal statute.

  • January 12, 2021

    5th Circuit Reverses Judgment For Former University Coach On Privacy Invasion Claim

    NEW ORLEANS — A federal court in Mississippi erred when it found a university liable for releasing certain communications between it and a fired coach to the press because the termination was partially due to allegedly misusing public funds, which “is a matter of legitimate concern to the public,” a Fifth Circuit U.S. Court of Appeals panel ruled Jan. 6.

  • January 11, 2021

    Certiorari Granted In 2 Cases Pertaining To Privacy Of Nonprofits’ Donor Lists

    WASHINGTON, D.C. — In its Jan. 8 order list, the U.S. Supreme Court granted certiorari to two cases in which nonprofit organizations raised privacy and free speech concerns over a California law that requires them to turn over confidential donor lists to the state’s attorney general (AG).

  • January 08, 2021

    Judge Compels Discovery, Not Arbitration, In Suits Over Zynga Data Breach

    OAKLAND, Calif. — Concluding that some discovery is necessary to determine whether several plaintiffs in three lawsuits over a 2019 hacking incident had assented to an arbitration provision within Zynga Inc.’s terms of service (TOS), a California federal judge on Jan. 6 denied the gaming firm’s motions to compel arbitration in the suits while granting its alternate motions to compel discovery of account information from the plaintiffs.

  • January 07, 2021

    EEOC Wellness Program Rules To Be Published For Review

    WASHINGTON, D.C. — The Equal Employment Opportunity Commission on Jan. 7 announced that it has sent its notices of proposed rulemakings (NPRMs) on wellness programs under the Americans with Disabilities Act (ADA) and the Genetic Information Nondiscrimination Act (GINA) to the Federal Register for publication.

  • January 07, 2021

    Some Class Claims Over Convenience Store Chain’s Data Breach Dismissed

    HARRISBURG, Pa. — Granting in part a motion to dismiss a putative class complaint over a data breach experienced by the Rutter’s convenience store chain, a Pennsylvania federal judge on Jan. 5 found that two of the four named plaintiffs lacked standing for failure to plead a concrete injury, while also disposing of negligence per se and consumer protection claims.

  • January 06, 2021

    Zoom Users Defend Privacy Claims Over Intrusions, Data Sharing

    SAN JOSE, Calif. — Citing what they call “ultra-lax security and privacy practices” of Zoom Video Communications Inc., a group of plaintiffs suing the tech firm for various privacy violations related to its videoconferencing platform brief tell a California federal court in a Dec. 30 that their class complaint should survive dismissal because they “fully allege that Zoom disclosed their” personally identifiable information (PII) to third parties.

  • January 05, 2021

    IT Company Named In Shareholder Stock-Drop Suit Over Russian Hacking Ploy

    SAN ANTONIO — An information technology (IT) company and two of its senior executives misled investors about certain cybersecurity vulnerabilities with the company’s monitoring products in violation of federal securities laws that allowed possible Russian government hacking of U.S. Department of Treasury and Commerce emails, a shareholder alleges in a Jan. 4 securities class action filed in Texas federal court.

  • January 05, 2021

    ADT’s Dismissal Motion Largely Denied In Suit Over Employee’s Privacy Breach

    FORT LAUDERDALE, Fla. — A federal judge in Florida on Dec. 30 granted a dismissal motion as to two of eight claims brought by a consumer in her class complaint against ADT LLC after the security company revealed that that an employee had viewed and downloaded security camera footage from hundreds of Texas customers’ homes.

  • January 04, 2021

    Supporting Facebook In High Court, Amici Defend ‘Common’ Webpage Loading Practice

    WASHINGTON, D.C. — In a Dec. 28 brief supporting a petition for certiorari by Facebook Inc., four amici curiae tell the U.S. Supreme Court that the Ninth Circuit U.S. Court of Appeals’ revival of Wiretap Act claims over Facebook’s purported tracking of users’ activity on third-party webpages “threatens to criminalize computer-to-computer communications that are common and fundamental to the operation of modern webpages.”

  • December 22, 2020

    Rehab Worker’s Privacy Not Violated By Surveillance Video, Georgia High Court Says

    ATLANTA — A rehabilitation center employee had no expectation of privacy in a patient’s room, the Georgia Supreme Court ruled Dec. 21, affirming a trial court’s denial of her motion to suppress the video from a surveillance camera that led to her being indicted for neglecting an elderly patient (Wanda Nuckles v. Georgia, No. S20G0492, Ga. Sup., 2020 Ga. LEXIS 927).

  • December 16, 2020

    Nursing Home Workers’ Biometric Privacy Suit To Remain In Federal Court

    EAST ST. LOUIS — A group of former employees of a nursing home chain saw their bid to remand their putative class complaint alleging violations of the Illinois Biometric Information Privacy Act (BIPA) denied on Dec. 14 by an Illinois federal judge who found that federal subject matter jurisdiction existed under the Class Action Fairness Act (CAFA) and the Labor Management Relations Act (LMRA).

  • December 16, 2020

    Plaintiffs Challenging Contact Tracing Order Opt Against Amending Their Complaint

    LOS ANGELES — Three weeks after a California federal judge dismissed their constitutional claims over a Los Angeles contact tracing order, a restaurant and a private citizen who sued the health officer who issued the order filed a notice of voluntary dismissal of their claims on Dec. 6 rather than amending their complaint (Miura Corp., et al. v. Muntu Davis, M.D., M.P.H., No. 20-5497, C.D. Calif.).

  • December 16, 2020

    Banking Regulators Must Provide Some Documents In Capital One Data Breach Suit

    ALEXANDRIA, Va. — After a thorough in camera review of documents withheld from discovery by two banking regulatory entities under the bank examination privilege, a Virginia federal magistrate judge on Dec. 10 ordered the regulators to submit some of the many documents sought by the plaintiffs in a consolidated class action over a 2019 data breach experienced by Capital One Financial Corp. (In re Capital One Customer Data Security Breach Litigation, No. 19-2915, E.D. Va.).

  • December 15, 2020

    Investor Claims In Twitter Stock-Drop Suit Fall Short Of Pleading Standards

    OAKLAND, Calif. — A federal judge in California on Dec. 12 ruled that lead plaintiffs in a securities class action lawsuit against social media platform Twitter Inc. and two of its senior executives failed to plead any materially false or misleading statements in alleging that the defendants misrepresented that improvements made to the company’s mobile application promotion (MAP) advertising product would generate more revenue for the company in violation of federal securities laws (In re Twitter Inc. Securities Litigation, No. 19-7149, N.D. Calif., 2020 U.S. Dist. LEXIS 232586).

  • December 15, 2020

    Policyholders Say New Law Does Not Affect Data Breach Claims Against Insurer

    WASHINGTON, D.C. — A group of policyholders argue in a Dec. 11 supplemental brief in District of Columbia federal court that the newly enacted Security Breach Protection Act of 2020 does not negatively affect their claims over a 2014 data breach experienced by their insurer, stating that the new District of Columbia statute updates data breach notification requirements but does not negate any of their claims (Chantal Attias, et al. v. CareFirst Inc., et al., No. 15-882, D. D.C.).

  • December 15, 2020

    Panel Affirms Dismissal Of Suit Alleging Insurer Improperly Disclosed Information

    CHICAGO — An Illinois appeals court on Dec. 4 affirmed a lower court’s ruling in favor of an insurer in an insured’s lawsuit alleging that the insurer violated common and statutory law by making improper disclosures of her information, finding that none of the insured’s claims alleges improper disclosures that were unnecessary under state law or the insurance policy (Susan S. Barron v. Great American Assurance Company, et al., Nos. 18-2353 and 19-0656, Ill. App., 1st Dist., 4th Div., 2020 Ill. App. Unpub. LEXIS 2086).

  • December 14, 2020

    Facebook Directed To Provide Deposition Witnesses On Data Use, Monetization

    SAN FRANCISCO — Noting the need for guidance to properly tailor ongoing discovery in a consolidated class action over Facebook Inc.’s sharing of users’ profile data with third-party app developers, a California federal magistrate judge on Dec. 11 directed the social network operator to provide deposition witnesses on the topics of the collection and monetization of user data (In re Facebook Inc., Consumer Privacy User Profile Litigation, No. 18-md-2843, N.D. Calif.).

  • December 11, 2020

    Illinois Woman Tells Court Shutterfly’s Face Scanning Violates Biometrics Law

    CHICAGO — Opposing a motion to dismiss by Shutterfly Inc., one of two named plaintiffs in a putative class complaint against the company filed a brief in Illinois federal court on Dec. 7 asserting that Shutterfly’s facial scanning feature violates the Illinois Biometric Information Privacy Act (BIPA) because it obtains individuals’ biometric identifiers without their consent (Vernita Miracle-Pond, et al. v. Shutterfly Inc., No. 1:19-cv-04722, N.D. Ill.).