CLEVELAND — An Ohio federal judge’s decision to permit financial institutions (FIs) to pursue negligence claims against Sonic Corp. over a 2017 data breach will stand, the judge ruled Jan. 19, denying the fast food chain’s motion for reconsideration and finding no merit to Sonic’s assertion that the economic loss doctrine should have been applied to bar the banks’ claim.
CHICAGO — A class complaint accusing an artificial intelligence company of violating a single section of the Illinois Biometric Information Privacy Act (BIPA) by secretly creating a database of more than three billion facial scans on behalf of a class that includes only those who suffered no injury belongs in Illinois state court, a Seventh Circuit U.S. Court of Appeals panel ruled Jan. 14, affirming a trial court’s decision and finding that it “know[s] of nothing that would prevent a putative class representative from taking a conservative approach to class definition.”
SAN JOSE, Calif. — The last remaining plaintiff in a putative class action against social network operator Quora Inc. saw her lawsuit trimmed to just a single claim for negligence over a 2018 data breach on Dec. 21, when a California federal judge granted summary judgment to the defendant on a claim for violation of California’s unfair competition law (UCL), finding the negligence claim to be an adequate remedy at law to address the plaintiff’s claimed damages.
SAN JOSE, Calif. — A group of parents suing YouTube LLC and Google LLC (Google, collectively) for the unauthorized collection of children’s personal data failed to allege any claims that are not regulated by the Children’s Online Privacy Protection Act (COPPA), a California federal judge ruled Dec. 21, granting dismissal of class claims under California’s unfair competition law (UCL) and other states’ consumer protection laws as preempted by the federal statute.
NEW ORLEANS — A federal court in Mississippi erred when it found a university liable for releasing certain communications between it and a fired coach to the press because the termination was partially due to allegedly misusing public funds, which “is a matter of legitimate concern to the public,” a Fifth Circuit U.S. Court of Appeals panel ruled Jan. 6.
WASHINGTON, D.C. — In its Jan. 8 order list, the U.S. Supreme Court granted certiorari to two cases in which nonprofit organizations raised privacy and free speech concerns over a California law that requires them to turn over confidential donor lists to the state’s attorney general (AG).
OAKLAND, Calif. — Concluding that some discovery is necessary to determine whether several plaintiffs in three lawsuits over a 2019 hacking incident had assented to an arbitration provision within Zynga Inc.’s terms of service (TOS), a California federal judge on Jan. 6 denied the gaming firm’s motions to compel arbitration in the suits while granting its alternate motions to compel discovery of account information from the plaintiffs.
WASHINGTON, D.C. — The Equal Employment Opportunity Commission on Jan. 7 announced that it has sent its notices of proposed rulemakings (NPRMs) on wellness programs under the Americans with Disabilities Act (ADA) and the Genetic Information Nondiscrimination Act (GINA) to the Federal Register for publication.
HARRISBURG, Pa. — Granting in part a motion to dismiss a putative class complaint over a data breach experienced by the Rutter’s convenience store chain, a Pennsylvania federal judge on Jan. 5 found that two of the four named plaintiffs lacked standing for failure to plead a concrete injury, while also disposing of negligence per se and consumer protection claims.
SAN JOSE, Calif. — Citing what they call “ultra-lax security and privacy practices” of Zoom Video Communications Inc., a group of plaintiffs suing the tech firm for various privacy violations related to its videoconferencing platform brief tell a California federal court in a Dec. 30 that their class complaint should survive dismissal because they “fully allege that Zoom disclosed their” personally identifiable information (PII) to third parties.
SAN ANTONIO — An information technology (IT) company and two of its senior executives misled investors about certain cybersecurity vulnerabilities with the company’s monitoring products in violation of federal securities laws that allowed possible Russian government hacking of U.S. Department of Treasury and Commerce emails, a shareholder alleges in a Jan. 4 securities class action filed in Texas federal court.
FORT LAUDERDALE, Fla. — A federal judge in Florida on Dec. 30 granted a dismissal motion as to two of eight claims brought by a consumer in her class complaint against ADT LLC after the security company revealed that that an employee had viewed and downloaded security camera footage from hundreds of Texas customers’ homes.
WASHINGTON, D.C. — In a Dec. 28 brief supporting a petition for certiorari by Facebook Inc., four amici curiae tell the U.S. Supreme Court that the Ninth Circuit U.S. Court of Appeals’ revival of Wiretap Act claims over Facebook’s purported tracking of users’ activity on third-party webpages “threatens to criminalize computer-to-computer communications that are common and fundamental to the operation of modern webpages.”
ATLANTA — A rehabilitation center employee had no expectation of privacy in a patient’s room, the Georgia Supreme Court ruled Dec. 21, affirming a trial court’s denial of her motion to suppress the video from a surveillance camera that led to her being indicted for neglecting an elderly patient (Wanda Nuckles v. Georgia, No. S20G0492, Ga. Sup., 2020 Ga. LEXIS 927).
EAST ST. LOUIS — A group of former employees of a nursing home chain saw their bid to remand their putative class complaint alleging violations of the Illinois Biometric Information Privacy Act (BIPA) denied on Dec. 14 by an Illinois federal judge who found that federal subject matter jurisdiction existed under the Class Action Fairness Act (CAFA) and the Labor Management Relations Act (LMRA).
LOS ANGELES — Three weeks after a California federal judge dismissed their constitutional claims over a Los Angeles contact tracing order, a restaurant and a private citizen who sued the health officer who issued the order filed a notice of voluntary dismissal of their claims on Dec. 6 rather than amending their complaint (Miura Corp., et al. v. Muntu Davis, M.D., M.P.H., No. 20-5497, C.D. Calif.).
ALEXANDRIA, Va. — After a thorough in camera review of documents withheld from discovery by two banking regulatory entities under the bank examination privilege, a Virginia federal magistrate judge on Dec. 10 ordered the regulators to submit some of the many documents sought by the plaintiffs in a consolidated class action over a 2019 data breach experienced by Capital One Financial Corp. (In re Capital One Customer Data Security Breach Litigation, No. 19-2915, E.D. Va.).
OAKLAND, Calif. — A federal judge in California on Dec. 12 ruled that lead plaintiffs in a securities class action lawsuit against social media platform Twitter Inc. and two of its senior executives failed to plead any materially false or misleading statements in alleging that the defendants misrepresented that improvements made to the company’s mobile application promotion (MAP) advertising product would generate more revenue for the company in violation of federal securities laws (In re Twitter Inc. Securities Litigation, No. 19-7149, N.D. Calif., 2020 U.S. Dist. LEXIS 232586).
WASHINGTON, D.C. — A group of policyholders argue in a Dec. 11 supplemental brief in District of Columbia federal court that the newly enacted Security Breach Protection Act of 2020 does not negatively affect their claims over a 2014 data breach experienced by their insurer, stating that the new District of Columbia statute updates data breach notification requirements but does not negate any of their claims (Chantal Attias, et al. v. CareFirst Inc., et al., No. 15-882, D. D.C.).
CHICAGO — An Illinois appeals court on Dec. 4 affirmed a lower court’s ruling in favor of an insurer in an insured’s lawsuit alleging that the insurer violated common and statutory law by making improper disclosures of her information, finding that none of the insured’s claims alleges improper disclosures that were unnecessary under state law or the insurance policy (Susan S. Barron v. Great American Assurance Company, et al., Nos. 18-2353 and 19-0656, Ill. App., 1st Dist., 4th Div., 2020 Ill. App. Unpub. LEXIS 2086).