Mealey's Data Privacy

  • April 24, 2020

    Colorado Pharmacy Board Must Provide Patient Records Requested By DEA

    DENVER — Finding that the Drug Enforcement Administration sufficiently established that several years’ worth of patient prescription data it seeks via subpoenas has a reasonable relevance to an investigation over the distribution of controlled substances, a Colorado federal judge on April 21 granted the agency’s request to enforce compliance with the subpoenas by the Colorado Board of Pharmacy, which raised privacy concerns (U.S. Department of Justice, Drug Enforcement Administration v. Colorado Board of Pharmacy, et al., No. 1:19-cv-00105, D. Colo., 2020 U.S. Dist. LEXIS 69726).

  • April 23, 2020

    Walgreens Customer Alleges Negligence Over 2019 Data Breach

    CHICAGO — A Florida woman who says that she was one of the pharmacy customers whose data was exposed by a breach of Walgreen Co.’s website filed a putative class complaint against the drugstore chain on April 21 in Illinois federal court, alleging negligence and invasion of privacy (Laura Hernandez v. Walgreen Co., No. 1:20-cv-02434, N.D. Ill.).

  • April 22, 2020

    Class Complaint Filed Over Data Sharing By Houseparty Group Chat App

    SAN DIEGO — Epic Games Inc. was hit with a class complaint in California federal court on April 17 by a user of its Houseparty app who claims negligence and privacy violations related to the purported sharing of her personally identifiable information (PII) with third parties, notably Facebook Inc., without her consent (Heather Sweeney v. Life On Air Inc., et al., No. 3:20-cv-00742, S.D. Calif.).

  • April 22, 2020

    Plaintiffs In Facebook ‘Tag Suggestions’ Class Action Report Settlement Delay

    SAN FRANCISCO — On the date that a preliminary settlement approval motion was due in a class action alleging biometric collection violations by Facebook Inc., the plaintiffs instead on April 17, filed a status report in California federal court reporting that the parties had experienced delays due, in part, to the novel coronavirus pandemic (In re Facebook Biometric Information Privacy Litigation, No. 3:15-cv-03747, N.D. Calif.).

  • April 21, 2020

    Some Class Claims Over Supermarket Chain’s Data Breach Dismissed

    PEORIA, Ill. — In an April 20 ruling, an Illinois federal judge partly granted Hy-Vee Inc.’s motion to dismiss a putative class action over a data breach it experienced, dismissing breach of contract and unjust enrichment claims as inadequately pleaded and some negligence claims as barred by state law (Noreen Perdue, et al. v. Hy-Vee Inc., No. 1:19-cv-01330, C.D. Ill., 2020 U.S. Dist. LEXIS 68607).

  • April 20, 2020

    Judge Rules Twitter Can’t Publish Transparency Report On Surveillance Involvement

    OAKLAND, Calif. — In a case that she said “underscores the tension between the First Amendment and national security,” a California federal judge on April 17 reversed a three-year old ruling in favor of Twitter Inc., holding that subsequent declarations from Federal Bureau of Investigation personnel demonstrated that information the social network sought to publicly disclose about its mandated compliance with government surveillance requests was classified (Twitter Inc. v. William P. Barr, et al., No. 4:14-cv-04480, N.D. Calif.).

  • April 20, 2020

    U.S. Supreme Court Declines Review Of FINRA Immunity Appeal

    WASHINGTON, D.C. — The U.S. Supreme Court on April 20 declined review of a Ninth Circuit U.S. Court of Appeals panel’s ruling upholding the dismissal of claims brought by two business owners and several businesses they owned stemming from the Financial Industry Regulatory Authority’s (FINRA) seizure of materials and information during a raid of one of the businesses (John Hurry, et al. v. Financial Industry Regulatory Authority Inc., et al., No. 19-643, U.S. Sup.).

  • April 20, 2020

    Penn State’s Producing Of Employee’s Emails Did Not Violate SCA, 3rd Circuit Rules

    PHILADELPHIA — In a “narrow” precedential opinion, a Third Circuit U.S. Court of Appeals panel on April 16 affirmed the dismissal of a Pennsylvania State University employee’s Stored Communications Act (SCA) lawsuit over the production of her emails to law enforcement without a valid subpoena, clarifying that if the university’s production had been induced, rather than voluntary, there may have been liability under the statute (Carol Lee Walker v. Senior Deputy Brian T. Coffey, et al., No. 19-1067, 3rd Cir., 2020 U.S. App. LEXIS 12063).

  • April 17, 2020

    Interlocutory Appeal Denied In Location-Tracking Suit Against Google

    SAN JOSE, Calif. — The plaintiffs suing Google LLC for privacy violations related to the purported tracking of their devices without consent were denied a bid for interlocutory appeal of a December dismissal order on April 15, with a California federal judge finding that they presented no controlling questions of law that would merit the rarely granted form of relief (In re Google Location History Litigation, No. 5:18-cv-05062, N.D. Calif.).

  • April 16, 2020

    More Privacy Lawsuits Filed Against Zoom; Facebook, LinkedIn Also Named

    LOS ANGELES — With at least eight federal privacy class complaints filed against Zoom Video Communications Inc. over its reported data-sharing practices since March 30, a complaint filed April 13 in California federal court also brought invasion of privacy and trespass claims against Facebook Inc. and LinkedIn Corp. (Todd Hurvitz v. Zoom Video Communications Inc., et al., No. 2:20-cv-03400, C. D. Calif.).

  • April 15, 2020

    Rent-To-Own Franchisor Dismissed From Spyware Suit Over Franchisee’s Objection

    ERIE, Pa. — More than six months after the plaintiffs in a computer spyware lawsuit stipulated to dismiss their claims against a rent-to-own (RTO) franchisor, a Pennsylvania federal judge on March 27 granted dismissal of Aaron’s Inc., specifying that this did not affect the plaintiffs’ privacy claims against the franchisee from which they obtained their computer (Crystal Byrd, et al. v. Aaron’s Inc., et al., No. 1:11-cv-00101, W.D. Pa.).

  • April 14, 2020

    Analytics Firm Waives Answer To LinkedIn’s Computer Fraud Certiorari Petition

    WASHINGTON, D.C. — A data analytics firm that successfully enjoined LinkedIn Corp. from preventing it from scraping publicly viewable user data from its website filed a notice of waiver with the U.S. Supreme Court on April 13, declining to respond to LinkedIn’s petition for certiorari, which raises a question over whether the Computer Fraud and Abuse Act (CFAA) provides protection for public-facing websites (LinkedIn Corp. v. hiQ Labs Inc., No. 19-1116, U.S. Sup.).

  • April 13, 2020

    Trespass, Privacy Class Claims Over Apple’s 2-Factor Authentication Again Dismissed

    SAN JOSE, Calif. — Finding that the named plaintiffs in a punitive class action against Apple Inc. over its two-factor authentication (2FA) login process failed to cure pleading deficiencies identified in a previous dismissal ruling, a California federal judge on April 7 again granted dismissal for failure to state a claim, this time denying the plaintiffs leave to amend their trespass and privacy claims (Jay Brodsky, et al. v. Apple Inc., No. 5:19-cv-00712, N.D. Calif., 2020 U.S. Dist. LEXIS 61137).

  • April 10, 2020

    Judge:  Children Aren’t Bound By Amazon Arbitration Clause In Alexa Privacy Row

    SEATTLE — A group of minor plaintiffs may proceed with their wiretap claims against Inc., a Washington federal judge ruled April 9, finding that the online retailer’s arbitration provision was not binding on the nonsignatory children, who claim that Amazon’s “Alexa” digital assistant recorded their voices without consent (B.F., et al. v. Inc., et al., No. 2:19-cv-00910, W.D. Wash.).

  • April 09, 2020

    Illinois Man Seeks To Enjoin Clearview’s Collection, Sale Of Biometric Identifiers

    CHICAGO — The lead plaintiff in the first of six federal complaints filed against Clearview AI Inc. for its collection and sale of the biometric identifiers of millions of people filed a motion in Illinois federal court on April 8, seeking a preliminary injunction to prevent any further use of the identifiers pending the resolution of his claims under the Illinois Biometric Information Privacy Act (BIPA) (David Mutnick v. Clearview AI Inc., et al., No. 1:20-cv-00512, N.D. Ill.).

  • April 09, 2020

    9th Circuit:  Facebook Users May Proceed With Privacy Claims Over URL Collection

    SAN FRANCISCO — Partly reversing the dismissal of a class complaint over Facebook Inc.’s tracking of the internet histories of users who were logged out of its social network, a Ninth Circuit U.S. Court of Appeals panel on April 9 ruled that the plaintiffs sufficiently alleged privacy and intrusion claims, while affirming dismissal of electronic interception and contractual claims (In re:  Facebook Inc. Internet Tracking Litigation, No. 17-17486, 9th Cir., 2020 U.S. App. LEXIS 11102).

  • April 09, 2020

    Zoom Named In Investor Suit Over Inadequate Data Privacy, Security Measures

    SAN FRANCISCO — Zoom Video Communications Inc. and two of its senior executives violated federal securities laws by concealing from investors that the cloud-based communications platform developer had implemented inadequate data privacy and security measures that were later disclosed in light of the spread of the novel coronavirus pandemic, an investor argues in a Feb. 8 securities class complaint filed in California federal court (Kim Brams v. Zoom Video Communications Inc., et al., No. 20-2396, N.D. Calif.).

  • April 08, 2020

    Location Data-Selling Class Claim Against Verizon Voluntarily Dismissed

    BALTIMORE — Five months after putative class complaints against the four major U.S. cellular service providers were ordered to arbitration, the lead plaintiff in the suit accusing Verizon Communications Inc. of selling customers’ geolocation data to third parties on April 3 filed a notice of voluntary dismissal in Maryland federal court (Michelle Morrison v. Verizon Communications Inc., et al., No. 1:19-cv-01298, D. Md.).

  • April 07, 2020

    Facebook Must Produce Some Search Terms, Custodian Data In Profile Privacy Suit

    SAN FRANCISCO — Partly resolving a dispute over the production of electronically stored information (ESI) in the consolidated lawsuit over Facebook Inc.’s sharing of user data with third parties, a California federal magistrate judge on April 2 directed the social network to provide some of the information requested by the plaintiffs, while setting in place processes for addressing production of the remaining requested data (In re Facebook Inc., Consumer Privacy User Profile Litigation, No. 3:18-md-02843, N.D. Calif.).

  • April 07, 2020

    Facebook Denied Bid To Stay Compel Order In Attorney General’s Investigation

    BOSTON — In a March 30 docket entry, a Massachusetts Appeals Court justice denied Facebook Inc.’s motion to stay an order compelling it to produce disputed documents requested by the Massachusetts attorney general (AG) in an investigation of privacy violations, with the justice finding that the social network did not establish that the items were privileged (Attorney General v. Facebook Inc., No. 2020-J-0148, Mass. App.).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.