Mealey's Data Privacy

  • November 02, 2020

    Preliminary Approval Of $16M Settlement Granted In Student Disclosure Suit

    LOS ANGELES — A federal judge in California on Sept. 16 granted preliminary approval of a $16 million settlement to be paid by ACT Inc. to end a class complaint alleging disclosure of information regarding certain ACT examinees’ disability status to colleges and scholarship organizations and denying certain examinees with disabilities an equal opportunity to participate in its Educational Opportunity Service (EOS) program (Halie Bloom, et al. v. ACT, Inc., No. 18-6749, C.D. Calif.).

  • November 02, 2020

    Facebook’s Discovery To Include Third-Party Data Use In Profile Data-Sharing Suit

    SAN FRANCISCO — Deeming the scope of discovery proposed by Facebook Inc. to be “restrictive” and “limited,” a California federal magistrate judge overseeing discovery in a consolidated class action over Facebook’s sharing of users’ profile data with third-party app developers issued an order on Oct. 29 directing the social network operator to produce data it shared related to users’ activity both on and off of its platform (In re Facebook Inc., Consumer Privacy User Profile Litigation, No. 18-md-2843, N.D. Calif.).

  • October 28, 2020

    IT Firm Mostly Denied Dismissal Motion In Marriott Data Breach Suit

    GREENBELT, Md. — The bellwether plaintiffs in a consolidated class complaint over Marriott International Inc.’s massive four-year data breach have sufficiently pleaded most of their negligence claims against an information technology (IT) company co-defendant that provided services to a Marriott subsidiary, a Maryland federal judge ruled Oct. 26, denying the company’s dismissal motion on five out of six bellwether claims (In re:  Marriott International Inc. Customer Data Security Breach Litigation, No. 19-2879, D. Md.).

  • October 26, 2020

    Magistrate Won’t Compel Testimony From Capitol One’s CIO In Data Breach Suit

    ALEXANDRIA, Va. — The plaintiffs suing Capital One Financial Corp. over its 2019 data breach failed in their bid to obtain further testimony from the credit card issuer’s chief information officer (CIO) on Oct. 16, when a Virginia federal magistrate judge denied their motion to compel answers to deposition questions that they said were wrongly withheld under the bank examination privilege (In re Capital One Customer Data Security Breach Litigation, No. 19-2915, E.D. Va.).

  • October 23, 2020

    Judge Refers Professional Services Coverage Suit To Mediation After Coverage Ruling

    LOS ANGELES — Two days after ruling that FedEx Office and Print Services Inc. is entitled to coverage for underlying class actions alleging that it violated the Fair and Accurate Credit Transactions Act (FACTA), a federal judge in California on Oct. 22 ordered FedEx and its professional solutions insurer to private mediation (FedEx Office and Print Services, Inc. v. Continental Casualty Company, No. 20-4799, C.D. Calif.).

  • October 23, 2020

    9th Circuit:  Loan Servicer’s Access Of Credit Reports Did Not Violate Statute

    SAN FRANCISCO — The Ninth Circuit U.S. Court of Appeals on Oct. 20 affirmed a federal judge in Nevada’s ruling that Ocwen Loan Servicing LLC did not violate the Fair Credit Reporting Act (FCRA) when accessing credit reports of borrowers whose mortgage loans were discharged in bankruptcy proceedings, finding that the loan servicer obtained the information to determine whether the borrowers were eligible for loss mitigation.

  • October 22, 2020

    Former Patient Voluntarily Dismisses Suit Over Rehab Facility’s Data Breach

    SANTA ANA, Calif. — Seven months after a Pennsylvania man sued a substance abuse rehabilitation facility where he once received treatment, the plaintiff on Oct. 21 filed a notice of voluntary dismissal in California federal court, bringing an end to his privacy and unfair competition claims over a data breach that compromised his personal information (Hector Fuentes v. Sunshine Behavioral Health Group LLC, No. 20-487, C.D. Calif.).

  • October 22, 2020

    Amazon, Minors Brief 9th Circuit On Whether Wiretap Claims Must Be Arbitrated

    SAN FRANCISCO — The parents of a group of minor plaintiffs who sued over the collection of voice recordings by the “Alexa” digital assistant are attempting to avoid an arbitration requirement by filing suit in their children’s names, Amazon.com Inc. argues in a Sept. 24 reply brief, asking the Ninth Circuit U.S. Court of Appeals to reverse a trial court’s finding that the minors, as nonsignatories, were not bound by the online retailer’s terms of service (TOS) (B.F., et al. v. Amazon.com Inc., et al., No. 20-35359, 9th Cir.).

  • October 21, 2020

    Spyware Firm May Pursue Immunity Appeal In WhatsApp Computer Fraud Suit

    SAN FRANCISCO — A spyware firm may proceed with its interlocutory appeal of a trial court judge’s ruling that it was not entitled to sovereign immunity in a computer fraud lawsuit a Ninth Circuit U.S. Court of Appeals panel ruled Oct. 16, denying a motion by WhatsApp Inc. to dismiss the appeal for lack of jurisdiction (WhatsApp Inc., et al. v. NSO Group Technologies Limited, et al., No. 20-16408, 9th Cir., 2020 U.S. App. LEXIS 32787).

  • October 19, 2020

    Google, Plaintiffs Defend Street View Privacy Cy Pres Settlement In 9th Circuit

    SAN FRANCISCO — A trial court judge correctly found that the distribution of a $13 million settlement fund of a long-running privacy class action over Google LLC’s “Street View” feature would be infeasible, Google and the named plaintiffs argued in their respective appellee briefs on Oct. 13, asking to the Ninth Circuit U.S. Court of Appeals to find that the settlement’s cy pres-only nature was appropriate, despite the representations of an objecting class member (In re Google LLC Street View Electronic Communications Litigation [Benjamin Joffe, et al. v. Google Inc.], No. 20-15616, 9th Cir.).

  • October 19, 2020

    Federal Judge Grants Stipulation To File Disability Record Under Seal

    TACOMA, Wash. — A Washington federal judge on Oct. 16 granted a joint stipulation to file the administrative record in a disability dispute under seal, agreeing with the parties that the need to protect the disability claimant’s privacy is a compelling reason to file the record under seal (Randolff Scott Ruffell Westover v. Life Insurance Company of North America, No. 20-5606, W.D. Wash., 2020 U.S. Dist. LEXIS 192304).

  • October 19, 2020

    Chicago’s Discovery Responses Recommended In Marriott Data Breach Suit

    GREENBELT, Md. — A Maryland federal judge on Oct. 14 recommended that Chicago be ordered to provide responses to interrogatories and requests for production (RFPs) served by Marriott International Inc. in a consolidated lawsuit brought by the city and other plaintiffs over a massive data breach experienced by the hotel chain (In re:  Marriott International Inc. Customer Data Security Breach Litigation, No. 8:19-md-02879, D. Md.).

  • October 16, 2020

    Facebook Seeks Dismissal Of U.K. Plaintiffs, Discovery Limits In User Profile Suit

    SAN FRANCISCO — Two newly added plaintiffs from the United Kingdom should be dismissed from the consolidated lawsuit over the sharing of social network users’ profile data with third parties, Facebook Inc. argues in an Oct. 13 reply brief, telling a California federal court that applicable forum selection clauses preclude inclusion of the foreign plaintiffs in the putative class action (In re Facebook Inc., Consumer Privacy User Profile Litigation, No. 18-md-2843, N.D. Calif.).

  • October 14, 2020

    Biometric Data Class Suit Against Hooters Stayed Pending Arbitration

    PEORIA, Ill. — A federal judge in Illinois on Oct. 8 partially granted a motion by a restaurant chain to dismiss or stay a class complaint over its collection of employees biometric data via its timekeeping system and staying proceedings pending arbitration, ruling that the agreement leaves to an arbitrator to decide the enforceability (Austin Kuznik, et al. v. Hooters of America, LLC, et al., No. 20-1255, C.D. Ill., 2020 U.S. Dist. LEXIS 186548).

  • October 14, 2020

    Insurer Asks 9th Circuit To Reverse ‘Excessive’ Attorney Fee Award In Favor Of Yahoo

    SAN FRANCISCO — In a Sept. 16 cross-appeal filed in the Ninth Circuit U.S. Court of Appeals, a commercial general liability insurer argues that Yahoo forfeited its claim to $618,380 in attorney fees under Brandt v. Superior Court in their data privacy coverage dispute but defends the lower court’s ruling that the policy’s deductible coverage endorsement is enforceable and precludes coverage for additional damages (Yahoo! Inc. v. National Union Fire Insurance Company of Pittsburgh, PA, No. 19-16475, 9th Cir.).

  • October 13, 2020

    Settlement Conference Set For Target’s Coverage Suit Over Data Breach Settlement

    MINNEAPOLIS — A magistrate judge in Minnesota on Oct. 5 said that a settlement conference will be held before him on Oct. 28 in Target’s breach of contract lawsuit seeking coverage for its settlement with a group of financial institutions (FIs) over a 2013 data breach (Target Corp. v. ACE American Insurance Co., et al., No. 0:19-cv-02916, D. Minn.).

  • October 12, 2020

    6th Circuit: No Mandamus Order To Block Additional Drug Data Discovery

    CINCINNATI — The Sixth Circuit U.S. Court of Appeals on Oct. 8 denied a mandamus petition by the Ohio Board of Pharmacy (OBOP) to order the opioids multidistrict litigation court to rescind its order to provide the names and addresses of opioid prescribers and dispensers to retail pharmacies in an upcoming bellwether trial (In Re:  National Prescription Opiate Litigation [In Re:  State of Ohio Board of Pharmacy], No. 20-3875, 6th Cir.).

  • October 12, 2020

    Maine High Court Finds Nonparty, Redacted Patient Records Not Discoverable

    PORTLAND, Maine— Concluding that state evidentiary law protecting the confidentiality of patient records applies equally to redacted and unredacted records, the Maine Supreme Judicial Court on Sept. 29 reversed a trial court’s order compelling the production of the redacted records of nonparty patients who underwent similar surgical procedures as one at issue in a malpractice suit against a hospital (Estate of Carol A. Kennelly v.  Mid Coast Hospital, No. Cum-18-445, Maine Sup., 2020 Me. LEXIS 118).

  • October 08, 2020

    Health Officer, Restaurant Spar Over Constitutionality Of Contact Tracing Order

    LOS ANGELES — The health officer for Los Angeles County filed a reply brief in California federal court on Oct. 5 supporting his motion to dismiss a complaint alleging that his order directing county businesses to collect customer information for the purpose of contact tracing in the event of an outbreak of COVID-19 is unconstitutional, arguing that the order was properly issued under governmental emergency powers and that the plaintiffs failed to allege any concrete constitutional harms (Miura Corp., et al. v. Muntu Davis, M.D., M.P.H., No. 20-5497, C.D. Calif.).

  • October 07, 2020

    Insured Asks 9th Circuit To Reverse No Coverage Ruling For Alleged Phishing Attack

    SAN FRANCISCO — An insured on Sept. 8 asked the Ninth Circuit U.S. Court of Appeals to reverse a lower federal court's ruling in favor of its insurer in a lawsuit seeking coverage for its alleged "security failure" that was caused by a phishing attack by an unknown perpetrator, contending that a letter demanding monetary relief from one of its clients constituted a "claim" under its "security & privacy risk response" policy (Alorica Inc. v. Starr Surplus Lines Insurance Company, No. 20-55458, 9th Cir.).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.