Newsletter RSS

Mealey's Data Privacy

  • September 28, 2020

    Cyberattack On Blue Cross Licensee Yields $6.85M Settlement

    WASHINGTON, D.C. —The U.S. Department of Health and Human Services on Sept. 25 announced that Premera Blue Cross (PBC) will pay $6.85 million to the agency's Office for Civil Rights (OCR) to settle allegations that it violated federal privacy and security rules.

  • September 28, 2020

    Judge Deems Law Firm's Ads Over Facebook Biometric Suit Deceptive, Misleading

    SAN FRANCISCO — A law firm's ads targeted to potential settlement class members in a privacy lawsuit over Facebook Inc.'s "Tag Suggestions" feature were "deceptive and misleading," a California federal judge ruled in a Sept. 22 post-hearing minute entry, directing the firm and the plaintiffs to meet and confer about clarifying communications to be sent to people who responded to the ads (In re Facebook Biometric Information Privacy Litigation, No. 15-3747, N.D. Calif.).

  • September 24, 2020

    Voiceprint Biometric Suit Against Amazon Dismissed For Lack Of Jurisdiction

    EAST ST. LOUIS, Ill. — Finding no evidence that Amazon Web Services Inc. and its voiceprinting service provider purposefully directed any actions at residents of Illinois, an Illinois federal judge on Sept. 18 granted the defendants' motion to dismiss punitive class claims against them under Illinois' Biometric Information Privacy Act (BIPA) for lack of personal jurisdiction (Christine McGoveran, et al. v. Amazon Web Services Inc., et al., No. 20-31, S.D. Ill., 2020 U.S. Dist. LEXIS 170891).

  • September 23, 2020

    Employee's Biometric Privacy Claim Not Preempted By Workers' Comp Law, Panel Says

    CHICAGO — Affirming a trial court's decision, an Illinois appeals panel on Sept. 18 found that a woman's claim against her former employer under the Biometric Information Privacy Act (BIPA) is not precluded by the exclusivity provisions in a state workers' compensation law because the biometric privacy claim is not compensable under the latter law (Marquita McDonald v. Symphony Bronzeville Park LLC, et al., No. 2017 CH 11311, Ill. App. 1st Dist., 2020 Ill. App. LEXIS 627).

  • September 23, 2020

    Twitter Accused Of Telecommunications Crime For Sharing Users' Phone Numbers

    SEATTLE — A Twitter user filed a putative class complaint against the social network operator in Washington federal court on Sept. 21, alleging that Twitter Inc. violated state telecommunications law and the privacy rights of herself and other Washington residents by sharing account holders' phone numbers and other personal information with third-party advertisers (Darlin Gray v. Twitter Inc., No. 20-1389, W.D. Wash.).

  • September 22, 2020

    Most Class Claims Against Capital One, Amazon Over Data Breach Survive Dismissal

    ALEXANDRIA, Va. — In a detailed Sept. 18 ruling, a Virginia federal judge partly denied motions by Capital One Financial Corp. and Amazon.com Inc. over a 2019 data breach, allowing unjust enrichment, negligence and breach of contract claims to proceed in part or in full against the credit card issuer and its cloud services provider under the laws of the six states of the representative plaintiffs in the consolidated putative class action (In re Capital One Customer Data Security Breach Litigation, No. 1:19-md-02915, E.D. Va.).

  • September 22, 2020

    Insurer: No Coverage Due For Suit Disputing McDonald's Collection Of Biometric Data

    CHICAGO — A businessowners liability insurer filed suit in a federal court in Illinois on Sept. 21, seeking a declaration that it owes no coverage for an underlying class action alleging that a McDonald's franchise owner violated the Illinois Biometric Information Privacy Act (BIPA) when it scanned an employee's fingerprints but did not disclose the specific purpose for collecting, storing and using her biometric data (American Family Mutual Insurance Company v. McEssy Investment Company, et al., No. 20-05591, N.D. Ill., Eastern Div.).

  • September 22, 2020

    Health Officer Seeks Dismissal Of Suit Over COVID-19 Contact Tracing

    LOS ANGELES — A business and a private individual who allege constitutional privacy and freedom of association claims over a county health order's COVID-19 contact tracing guidelines lack standing to sue, a Los Angeles County health officer tells a California federal court in a Sept. 21 motion to dismiss, arguing that broad latitude should be afforded to health officials during a public health crisis (Miura Corp., et al. v. Muntu Davis, M.D., M.P.H., No. 20-5497, C.D. Calif.).

  • September 21, 2020

    Facebook Privacy Plaintiffs Ask Court To Restrain Law Firm's Deceptive Ads

    SAN FRANCISCO — On the same day that class notification was set to begin regarding the preliminary settlement of a biometric privacy class action against Facebook Inc., the lead plaintiffs on Sept. 18 filed an emergency motion for a temporary restraining order (TRO), asking a California federal court to order a law firm not associated with the case to cease posting online advertisements that they say are deceptively inducing Facebook users to opt out of the settlement (In re Facebook Biometric Information Privacy Litigation, No. 3:15-cv-03747, N.D. Calif.).

  • September 17, 2020

    Google Denied Bid To Appeal Ruling On Standing In Remanded Referrer Header Suit

    SAN JOSE, Calif. — Google LLC saw its motion to pursue an interlocutory appeal of a recent jurisdictional ruling in a privacy lawsuit remanded by the U.S. Supreme Court, with a California federal judge on Sept. 16 finding that the defendant did not establish that an order finding that the plaintiffs have standing to allege violation of the Store Communications Act (SCA) was exceptional or constituted "substantial ground for difference of opinion" to merit review prior to a decision on the merits (In re:  Google Referrer Header Privacy Litigation, No. 5:10-cv-04809, N.D. Calif., 2020 U.S. Dist. LEXIS 169783).

  • September 11, 2020

    Portland, Ore., Bans Face Recognition Technology By City, Private Entities

    PORTLAND, Ore. — The Portland City Council and the city's mayor, Ted Wheeler, on Sept. 9 voted unanimously to enact two ordinances that ban the use of facial recognition technology by, respectively, city bureaus and private entities in places of public accommodation in the city.

  • September 11, 2020

    Class Members Ask 9th Circuit To Dismiss Appeal Of Yahoo Data Breach Settlement

    SAN FRANCISCO — In a Sept. 9 summary affirmance motion, the named plaintiffs in a consolidated class action over multiple data breaches experienced by Yahoo! Inc. ask the Ninth Circuit U.S. Court of Appeals to dispose of one man's appeal of the approval of a $117.5 million settlement of the suit, calling his appeal meritless and stating that "[o]ne serial objector should not be permitted to hold up the implementation" of the settlement for the other 194 million class members (In re:  Yahoo! Inc. Customer Data Security Breach Litigation, No. 20-16633, 9th Cir.).

  • September 11, 2020

    Equifax Moves To Enforce Data Breach Suit Settlement In Mississippi Cases

    ATLANTA — Seven months after a Georgia federal court granted final approval to a settlement between Equifax Inc. and a class of consumer plaintiffs who sued the credit-reporting firm over a massive 2017 data breach, the defendant on Sept. 8 filed an emergency motion to enforce the settlement, claiming that 83 lawsuits against it in Mississippi state court were filed in violation of the settlement's release of breach-related claims and a corresponding injunction against such litigation by class members who did not opt out of the consumer settlement (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).

  • September 09, 2020

    Ex-Employee Says Steel Firms Violated ERISA, ADA, HIPAA To Lower COVID-19 Liability

    KANSAS CITY, Mo. — An ex-employee of a Kansas-based steel conglomerate alleges in an Aug. 26 complaint filed in the U.S. District Court for the Western District Of Missouri that management of the steel firms misappropriated sensitive medical information of hundreds of its employees in a scheme to mitigate liability from the novel coronavirus pandemic and then retaliated against and ultimately fired him for reporting the abuse of privacy (Micah Morrison v. SPS Companies Inc., et al., No. 5:20-cv-06129, W.D. Mo.).

  • September 01, 2020

    Google Again Seeks Dismissal Of Privacy Class Complaint Over Location Tracking

    SAN JOSE, Calif. — Eight months after Google LLC prevailed in a consolidated putative class action over its purported "surreptitious, non-consensual, tracking of millions of mobile device users' geolocation" data, the technology giant on Aug. 31 moved in California federal court to dismiss the plaintiffs' consolidated complaint, arguing that they have failed to plead any illegal or undisclosed tracking activities (In re Google Location History Litigation, No. 5:18-cv-05062, N.D. Calif.).

  • August 31, 2020

    Ohio High Court Finds No Privacy Invasion In Urine Sample Collection Monitoring

    COLUMBUS, Ohio — Because a group of at-will employees did not object to being monitored while producing urine samples for mandatory workplace drug testing, a divided Ohio Supreme Court on Aug. 26 found that they could not bring invasion of privacy claims against their employer, overturning an appeals court's ruling and reinstating a dismissal by a trial court (Donna L. Lunsford, et al. v. Sterilite of Ohio LLC, et al., No. 2018-Ohio-1431, Ohio Sup., 2020-Ohio-4193).

  • August 27, 2020

    NSA To 4th Circuit:  State Secrets Privilege Bars Wikimedia's Surveillance Suit

    RICHMOND, Va. — A trial court correctly found that the state secrets privilege prevented Wikimedia Foundation from pursuing a lawsuit over the purported interception of its electronic communications as part of the National Security Agency's upstream surveillance program, the NSA and other government parties argue in Aug. 7 appellee brief to the Fourth Circuit U.S. Court of Appeals, asserting that there is no evidence that any of the appellant's communications were surveilled (Wikimedia Foundation v. National Security Agency, et al., No. 20-1191, 4th Cir.).

  • August 27, 2020

    Settlement Of California's UCL Suit Over Weather Channel App Data Sharing OK'd

    LOS ANGELES — A California judge on Aug. 14 approved a settlement of a lawsuit brought by the state of California under the state's unfair competition law (UCL) against the operators of The Weather Channel app for sharing users' geolocation data with third-party advertisers (California v. TWC Product and Technology LLC, et al., No. 19STCV00605, Calif. Super. Los Angeles Co.).

  • August 27, 2020

    Discovery, Stay Motions At Issue In WhatsApp's Suit Against Spyware Firm

    OAKLAND, Calif. — In an Aug. 24 reply brief supporting its motion for a protective order, an Israeli spyware developer tells a California federal court that the protective order "is urgently needed" for the disclosure of "very important information . . . that bears directly on" a motion to compel filed by plaintiff WhatsApp Inc. in computer fraud lawsuit against the spyware firm (WhatsApp Inc., et al. v. NSO Group Technologies Limited, et al., No. 4:19-cv-07123, N.D. Calif.).

  • August 25, 2020

    Government Denied Warrant To Obtain Device IDs From Google In Theft Investigation

    CHICAGO — A warrant application by the government for a "geofence" to identify devices in the proximity of crimes being investigated did not meet the probable cause and particularity requirements of the Fourth Amendment to the U.S. Constitution, an Illinois federal magistrate judge found in a ruling that was unsealed Aug. 24, finding that the proposed warrant would give the government too much discretion to obtain the device and personal information of passersby unrelated to the crimes (In re Search of Information Stored at Premises Controlled by Google, No. 20-mc-392, N.D. Ill., 2020 U.S. Dist. LEXIS 152712).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.