PORTLAND, Ore. — In a June 18 brief responding to citation of additional authority by a subscriber who alleges privacy violations against it, Comcast Cable Communications LLC tells the Ninth Circuit U.S. Court of Appeals that a recent ruling regarding the so-called McGill rule related to contractual arbitration provisions does not support a trial court’s finding that the company’s arbitration requirement for customer disputes was invalid (Brandon Hodges v. Comcast Cable Communications LLC, No. 19-16483, 9th Cir.).
ALEXANDRIA, Va. — The Federal Deposit Insurance Corp. on June 16 asked a Virginia federal court to reconsider a ruling in which it denied the agency’s motion to intervene in a discovery matter in a multidistrict litigation over a 2019 data breach experienced by Capital One Financial Corp., contending that it is entitled to defend as privileged certain documents requested by the plaintiffs (In re Capital One Customer Data Security Breach Litigation, No. 1:19-md-02915, E.D. Va.).
WASHINGTON, D.C. — A civil liberties organization that sued the Federal Trade Commission under the Freedom of Information Act (FOIA) regarding documents filed with the commission by Facebook Inc. over its data privacy practices received an unfavorable ruling in its quest for attorney fees on June 16 by a District of Columbia federal magistrate judge, who opined in a report and recommendation that the plaintiff did not establish entitlement to fees under the catalyst theory of causation (Electronic Privacy Information Center v. Federal Trade Commission, No. 1:18-cv-00942, D. D.C.).
NEW YORK — An enjoined New York City ordinance that required online home-sharing platform operators to submit certain homeowner data to the city will be revised in accordance with the city’s settlement of a lawsuit filed by Airbnb Inc. under the Fourth Amendment to the U.S. Constitution, the parties reported in a June 12 letter motion seeking a stay of proceedings in New York federal court (Airbnb Inc. v. New York, No. 1:18-cv-07712; HomeAway.com Inc. v. New York, No. 1:18-cv-07742, S.D. N.Y.).
ATLANTA — Three weeks after a group of financial institutions (FIs) announced a $5.5 million settlement with Equifax Inc. over the credit-reporting giant’s 2017 data breach, a Georgia federal judge on June 4 granted preliminary approval to the agreement as being “fair, reasonable, and adequate” and greenlighting the class notification program (In Re: Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-02800, N.D. Ga.).
SAN FRANCISCO — A discovery request for all source code related to Facebook Inc.’s Messenger app was deemed too broad by a California federal magistrate judge, who on June 11 instead directed the social network to just submit source code related to the app’s features at issue in the privacy and data access claims over data-scraping activities carried out by the app (Lawrence Olin, et al. v. Facebook Inc., No. 3:18-cv-01881, N.D. Calif.).
BOSTON— Affirming a trial court’s ruling that reversed the quashing of a subpoena for recordings of an employee’s phone calls, a First Circuit U.S. Court of Appeals panel on June 5 found that the calls were recorded unintentionally and thus did not run afoul of the prohibitions of the Federal Wiretap Act (In re HIPAA Subpoena, No. 19-1424, 1st Cir.).
ATLANTA — An insured’s assignee recently asked the 11th Circuit U.S. Court of Appeals to reverse a federal district court’s finding that coverage for an underlying $60,413,112 consent judgment entered against the insured in a Telephone Consumer Protection Act (TCPA) violation dispute is barred by the insurance policy's “invasion of privacy” exclusion (Jacob Horn, et al. v. Liberty Insurance Underwriters, Inc., No. 19-12525, 11th Cir.).
SAN JOSE, Calif. — One day after a hearing in a remanded privacy suit against Google LLC, a California federal judge on June 5 determined that the plaintiffs sufficiently established their standing under Article III of the U.S. Constitution to allege violations of the Stored Communications Act (SCA) by Google’s purported sharing of their search query terms with third-party website operators (In re: Google Referrer Header Privacy Litigation, No. 5:10-cv-04809, N.D. Calif., 2020 U.S. Dist. LEXIS 99291).
LOS ANGELES — A former user of the Wishbone app filed a putative class action against the app’s maker in California federal court on June 1, alleging negligence and unfair competition over Mammoth Media Inc.’s purported inadequate security practices, which, he claims, led to a recently announced data breach that resulted in the theft of nearly 40 million users’ personally identifiable information (PII) (Connor Burns v. Mammoth Media Inc., No. 2:20-cv-04855, C.D. Calif.).
SAN JOSE, Calif. — In a putative class complaint filed June 2 in California federal court, three Google LLC subscribers assert that the technology firm continuously tracks and collects users’ web-browsing information despite their use of “private browsing mode” (Charles Brown, et al. v. Google LLC, et al., No. 5:20-cv-03664, N.D. Calif.).
NEW YORK — An Illinois resident who filed the first of several biometric privacy suits over Clearview AI Inc.’s creation of a facial scan database failed in his bid to intervene in six putative class actions against the tech firm in New York federal court on May 29, as a New York federal judge deemed intervention in the noncertified putative class actions “not justified on either mandatory or permissive grounds” due to the movant’s lack of cognizable interest (Mario Calderon, et al. v. Clearview AI Inc., No. 1:20-cv-01296, S.D. N.Y., 2020 U.S. Dist. LEXIS 94926).
CHICAGO — A proposed class settlement worth more than $3.2 million between a restaurant and its workers over claims concerning the employer’s collection of workers’ fingerprints contains several “minor problems” when it comes to class members’ rights to object, a federal judge in Illinois ruled May 28, denying preliminary approval (Ebony Jones v. CBC Restaurant Corp., No. 19-6736, N.D. Ill.).
CHICAGO — Finding that Bose Corp. is a party to the Bluetooth communications between its wireless products and an app that controls their settings, an Illinois federal judge on May 27 granted the audio company’s motion to dismiss wiretap and eavesdropping class claims against it for the same reasons she had done so more than a year earlier (Kyle Zak v. Bose Corp., No. 1:17-cv-02928, N.D. Ill.).
PHOENIX — Arizona filed a complaint against Google LLC in state court on May 27, accusing the technology giant of violating the Arizona Consumer Fraud Act (CFA) via its “widespread and systemic use of deceptive and unfair business practices to obtain information about the location of its users” to fuel its “lucrative advertising business” (Arizona v. Google LLC, No. CV 2020-006219, Ariz. Super. Maricopa Co.).
ALEXANDRIA, Va. — Capital One Financial Corp. failed to establish that a report prepared by its cybersecurity consultant over a 2019 data breach differed from tasks the consultant would have performed absent the breach, a Virginia federal magistrate judge ruled May 26, deeming the report not to be protected work product and granting motion by a group of the credit card issuer’s customers to compel its production in a multidistrict litigation over the incident (In re Capital One Customer Data Security Breach Litigation, No. 1:19-md-02915, E.D. Va., 2020 U.S. Dist. LEXIS 91736).
CHICAGO — An Illinois man who filed the first of several privacy lawsuits over the online facial data collection practices conducted by Clearview AI Inc. filed a supplemental brief in New York federal court on May 20, supporting his motion to intervene in five lawsuits in that venue, arguing that a recent development in his suit in Illinois federal court weights in favor of litigating claims against the tech firm in the Illinois court (David Mutnick v. Clearview AI Inc., et al., No. 1:20-cv-00512, N.D. Ill.).
ALLENTOWN, Pa. — A food distributor’s ex-vice president who now resides in Poland cannot invoke the General Data Protection Regulation (GDPR) to escape his discovery duties in a Racketeer Influenced and Corrupt Organizations Act (RICO) suit brought by his former employer, a Pennsylvania federal judge ruled May 21, concluding that the defendant could not meet his burden to establish that the European law bars production from him as a U.S. citizen (Giorgi Global Holdings Inc., et al. v. Wieslaw Smulski, et al., No. 5:17-cv-04416, E.D. Pa., 2020 U.S. Dist. LEXIS 89369).
CHICAGO — An Illinois federal judge on May 5 found that one of two lead plaintiffs alleging biometric privacy violations in Shutterfly Inc.’s use of facial-recognition technology was bound by the company’s arbitration provision, staying the putative class action brought under the Illinois Biometric Information Privacy Act (BIPA) pending resolution of the arbitration (Vernita Miracle-Pond, et al. v. Shutterfly Inc., No. 1:19-cv-04722, N.D. Ill., 2020 U.S. Dist. LEXIS 86083).
SAN JOSE, Calif. — Google LLC on May 15 filed a reply supporting its motion to dismiss a case remanded by the U.S. Supreme Court for jurisdictional findings, telling a California federal court that plaintiffs alleging privacy violations under the Stored Communications Act (SCA) for the purported sharing of their search query terms failed to allege the necessary harm to establish standing under Article III of the U.S. Constitution (In re: Google Referrer Header Privacy Litigation, No. 5:10-cv-04809, N.D. Calif.).