SANTA ANA, Calif. — In an Aug. 23 reply supporting its motion to intervene in the recently settled privacy class action against Vizio Inc., a nonprofit investigative organization asks a California federal court to permit it to intervene in the now-dismissed lawsuit for the limited purpose of unsealing certain court records related to the “critically important issue” of consumer privacy and technology companies’ practices of monetizing consumer data (In Re: Vizio, Inc., Consumer Privacy Litigation, No. 8:16-ml-02693, C.D. Calif.).
PHOENIX — A federal judge in Arizona on Aug. 2 granted preliminary approval to an amended settlement agreement in an Arizona class lawsuit over guest lists being voluntarily turned over to U.S. Immigration and Customs Enforcement (ICE) agents by Motel 6 Operating L.P. and G6 Hospitality LLC, doing business as Motel 6, that added an injunctive relief class to the settlement that totals up to $10 million (Jane V., et al. v. Motel 6 Operating L.P., et al., No. 18-242, D. Ariz.).
SAN FRANCISCO— Adopting and signing a proposed judgment submitted by the Securities and Exchange Commission, a California federal judge on Aug. 22 approved the commission’s $100 million civil penalty against Facebook Inc. for making misleading public statements about a known incident in which an analytics firm collected and sold the social network users’ personal data (Securities and Exchange Commission v. Facebook Inc., No. 3:19-cv-04241, N.D. Calif.).
OAKLAND, Calif. — Signing and approving a notice of voluntary dismissal filed by two plaintiffs alleging unauthorized location tracking of their devices by Facebook Inc., a California federal judge on Aug. 21 dismissed privacy and consumer protection claims against co-defendants Google LLC and Apple Inc., with the judge setting new deadlines related to the claims against Facebook, which were not voluntarily dismissed (Brendan Lundy, et al. v. Facebook Inc., et al., No. 4:18-cv-06793, N.D. Calif.).
MILWAUKEE — A Wisconsin trial court “properly exercised its discretion” when it granted certification of a class of individuals who allege that they were overcharged for medical records in violation of state law after applying a new version of the state’s class certification rule, a Wisconsin appellate panel ruled Aug. 20 (Elizabeth Harwood v. Wheaton Franciscan Services, Inc., et al., No. 2018 AP1836, Wis. App., 2019 Wisc. App. LEXIS 463).
PORTLAND, Ore. — An Oregon federal judge on July 29 granted preliminary approval of a proposed settlement between Premera Blue Cross and a group of policyholders who sued the insurer over a 2014 data breach that expose their personal information, finding the settlement to be “fair, reasonable, and adequate” (In Re: Premera Blue Cross Customer Data Security Breach Litigation, No. 3:15-md-02633, D. Ore., 2019 U.S. Dist. LEXIS 127093).
SAN FRANCISCO — The last remaining plaintiff in a consolidated lawsuit over the September 2018 data breach that affected Facebook Inc.’s “view as” feature filed an amended class complaint Aug. 16, following a California federal judge’s ruling that disposed of most of the claims against the social network, alleging that Facebook owed a duty to safeguard the personally identifiable information (PII) of its users, with which it has a “special relationship” (Stephen Adkins v. Facebook, Inc., No. 3:18-cv-05982, N.D. Calif.).
BALTIMORE — In an Aug. 16 motion mirroring similar motions filed by three other cellular carriers in parallel lawsuits, Verizon Communications Inc. asked a Maryland federal court to compel arbitration in a putative class action alleging that it shared customers’ geolocation data with third parties without authorization in violation of the Federal Communications Act (FCA) (Michelle Morrison v. Verizon Communications Inc., et al., No. 1:19-cv-01298, D. Md.).
HARRISBURG, Pa. — A prison inmate sufficiently alleged privacy and Fair Credit Reporting Act (FCRA) claims against Department of Corrections (DOC) employees related to a data breach experienced by a DOC vendor, a Pennsylvania federal judge ruled Aug. 16, denying the employees’ motion to dismiss for lack of jurisdiction (Darren Eades v. John Wetzel, et al., No. 1:19-cv-00512, M.D. Pa., 2019 U.S. Dist. LEXIS 139148).
SANTA ANA, Calif. — Two weeks after granting final approval to a $17 million settlement of class claims over Vizio Inc.’s unauthorized collections of consumers’ television viewing data, a California federal judge on Aug. 14 entered judgment in accordance with the approval ruling, dismissing the case and administratively closing the multidistrict litigation file and each of the member cases (In Re: Vizio, Inc., Consumer Privacy Litigation, No. 8:16-ml-02693, C.D. Calif.).
CLEVELAND — Although an Ohio federal judge deemed a $4.32 million settlement between Sonic Corp. and a class of customers affected by a 2017 data breach to be “fair, reasonable, and adequate,” in granting a motion for final approval on Aug. 12, the judge reduced certain proposed amounts for attorney fees, costs and service awards to named plaintiffs (In re: Sonic Corp. Customer Data Security Breach, No. 1:17-md-02807, N.D. Ohio, 2019 U.S. Dist. LEXIS 135573).
BALTIMORE — A federal judge in Maryland on July 15 granted final approval of a $3.25 million class settlement by the National Board of Examiners in Optometry Inc. (NBEO) to end three lawsuits alleging theft of personal information (Rhonda L. Hutton, O.D., et al. v. Nat’l Bd. of Exam’rs in Optometry, Inc., No. 16-3025, Nicole Mizrahi v. Nat’l Bd. of Exam’rs in Optometry, Inc., No. 16-3146, Brenda Liang, O.D., et al. v. Nat’l Bd. of Exam’rs in Optometry, Inc., No. 17-1964, D. Md., 2019 U.S. Dist. LEXIS 120558).
SAN FRANCISCO — A federal judge in California on Aug. 9 granted in part and denied in part the only remaining plaintiff’s motion to amend a consolidated complaint against Facebook Inc. arising from a 2018 data theft via the social network's "view as" feature, finding that he still has not alleged standing under California Business and Professions Code Section 17200, et seq., because the value of his personal information has not diminished since the data breach (Stephen Adkins v. Facebook, Inc., No. 18-05982 consolidated with No. 19-00117, N.D. Calif., 2019 U.S. Dist. LEXIS 134781).
SAN FRANCISCO — In a brief filed Aug. 12, the U.S. Department of Justice asks the Ninth Circuit U.S. Court of Appeals to uphold a lower court’s decision to maintain the sealed status of court records related to the DOJ’s purported request to compel Facebook Inc. to provide it with access to certain encrypted communications on the social network, invoking the protections of the Wiretap Act (American Civil Liberties Union Foundation, et al. v. U.S. Department of Justice, et al., Nos. 19-15472 and 19-15473, 9th Cir.).
SAN FRANCISCO — In a wide-ranging, 18-count complaint filed Aug. 7 in California federal court, an author and political activist says that Facebook Inc. violated his constitutional rights by blocking his account and sharing his private information with third parties, also alleging claims including conspiracy, computer fraud and breach of contract (Robert Zimmerman, et al. v. Facebook Inc., et al., No. 3:19-cv-04591, N.D. Calif.).
PASADENA, Calif. — A car buyer failed to show that a satellite radio provider’s access to his contact information from the dealership where he purchased the car via his driver’s license and a form he filled out that resulted in letters and calls about continuing the service beyond a free trial period fell within the scope of the Driver’s Privacy Protection Act (DPPA) or constituted a violation of the Computer Fraud and Abuse Act (CFAA), a Ninth Circuit U.S. Court of Appeals panel ruled Aug. 8 (James E. Andrews, et al. v. Sirius XM Radio Inc., et al., No. 18-55169, 9th Cir., 2019 U.S. App. LEXIS 23670).
ATLANTA — In a pair of orders issued Aug. 6, a Georgia federal judge overseeing the multidistrict litigation over the 2017 data breach experienced by Equifax Inc. denied motions by the city of Chicago and three Native American tribes to establish separate tracks, respectively, for governmental enforcement actions and Indian tribal governments, finding that the existing consumer track would adequately address the claims by the moving parties (In Re: Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).
SAN FRANCISCO — A group of plaintiffs alleging violation of the Illinois Biometric Information Privacy Act (BIPA) via Facebook Inc.’s photo-tagging feature may proceed with their lawsuit, a Ninth Circuit U.S. Court of Appeals panel ruled Aug. 8, affirming a class certification ruling and finding that the plaintiffs alleged a concrete privacy injury-in-fact, establishing their standing under Article III of the U.S. Constitution (Nimesh Patel, et al. v. Facebook Inc., No. 18-15982, 9th Cir.; 2019 U.S. App. LEXIS 23673).
SAN FRANCISCO — A California federal judge on Aug. 6 approved an agreement between the Federal Trade Commission and a manufacturer of internet-connected video cameras, settling the commission’s misrepresentation claims related to the company’s security representations for its products, with the defendant agreeing to establish and maintain a 20-year comprehensive security program to address and correct its products’ security flaws (Federal Trade Commission v. D-Link Systems Inc., No. 3:17-cv-00039, N.D. Calif.).
SAN JOSE, Calif. — An iPhone owner filed a potential class action against Apple Inc. in California federal court on Aug. 7, alleging invasion of privacy and unfair competition for the technology company’s purported unauthorized recording and retaining of users’ communications through its digital assistant, Siri (Fumiko Lopez, et al. v. Apple Inc., No. 5:19-cv-04577, N.D. Calif.).