Mealey's Data Privacy

  • March 18, 2024

    California AirTag Stalking Victims’ Claims Against Apple May Proceed, Judge Says

    SAN FRANCISCO — A California federal judge on March 15 denied Apple Inc.’s motion to dismiss negligence and strict product liability claims brought against it by three plaintiffs who claim that they were stalked in California through the use of Apple’s AirTag devices but dismissed claims brought by 35 other plaintiffs, writing in a second order that the claims brought by out-of-state plaintiffs were insufficiently pleaded.

  • March 18, 2024

    GM, OnStar, Lexis Sued For Collecting, Sharing Drivers’ Data

    WEST PALM BEACH, Fla. — A Florida man, who claims that his driving data was collected and shared without his knowledge or consent brings putative class claims under the Fair Credit Reporting Act (FCRA), as well as Florida consumer and privacy law, asserting that the inaccurate information negatively impacted his ability to obtain car insurance.

  • March 18, 2024

    Patients Seek To Centralize Data Breach Suits Against Health Care Firm In Tennessee

    WASHINGTON, D.C. — Four plaintiffs who separately filed putative negligence class actions against a health care provider that recently experienced a data breach filed a motion to transfer and consolidate their suits along with others filed against the same defendant in Tennessee federal court.

  • March 12, 2024

    After A Few Tries, $37.5M Settlement Of Meta Tracking Class Action Gets Final OK

    SAN FRANCISCO — After receiving assurances that the plaintiffs in a Facebook location-tracking class action had taken care of his latest concern over a $37.5 million settlement of privacy claims against the social network’s owner Meta Platforms Inc., a California federal judge on March 11 finally granted final approval of the settlement after a year and a half of tweaks and revisions to it.

  • March 11, 2024

    Covington Client Dismisses D.C. Circuit Appeal Of SEC Disclosure Order

    WASHINGTON, D.C. — More than eight months after a judge ordered Covington & Burling LLP to identify for the Securities and Exchange Commission seven of its clients whose information had been compromised in a cybersecurity attack, one of those clients, proceeding pseudonymously, on March 11 filed a stipulation voluntarily dismissing his appeal to the District of Columbia Circuit U.S. Court of Appeals of that ruling.

  • March 08, 2024

    DOJ, ACLUF Settle Social Media Monitoring FOIA Row For $240,000 In Fees, Costs

    OAKLAND, Calif. — After almost two years of conferring, filing status reports and submitting documents, the American Civil Liberties Union Foundation (ACLUF) and several government agencies jointly filed a stipulation and proposed order of dismissal in California federal court, under which they agree to end a five-year-old Freedom of Information Act (FOIA) dispute with the payment of $240,000 in attorney fees and costs by the U.S. Department of Justice (DOJ) and other agencies.

  • March 07, 2024

    MyPillow CEO Tells High Court Phone, Data Seizure Warrant Violated 4th Amendment

    WASHINGTON, D.C. — MyPillow Inc. Chief Executive Officer Michael J. Lindell has filed a petition for certiorari, asking the U.S. Supreme Court to find that a warrant used by the Federal Bureau of Investigation to seize his iPhone and all the data on it violated the Fourth Amendment to the U.S. Constitution because it did not state with particularity that data to be seized.

  • March 06, 2024

    9th Circuit: Google Didn’t Deceive Android Users By Gathering App, OS Data

    SAN FRANCISCO — A Ninth Circuit U.S. Court of Appeals panel on March 5 affirmed the dismissal of two smartphone users’ fraud, unfair competition and breach of contract claims against Google LLC for collecting data on third-party app usage via its Android operating system (OS), finding that Google adequately disclosed its collection of consumer data across both Google apps and third-party apps using its OS.

  • March 06, 2024

    9th Circuit Affirms Final Settlement Of $90 Million Facebook Tracking MDL

    SAN FRANCISCO — More than a year after a trial court granted final approval to the $90 million settlement of a multidistrict litigation over the alleged tracking of Facebook users’ online activity by Meta Platforms Inc. (formerly Facebook Inc.), a Ninth Circuit U.S. Court of Appeals panel affirmed the settlement, finding no abuse of discretion and rejecting three objectors’ suggested settlement fund of $1.24 trillion as “unreasonable.”

  • February 29, 2024

    Canadian Lab Opposes Israeli Firm’s Discovery Efforts In WhatsApp Spyware Row

    OAKLAND, Calif. — A nonparty Canadian lab that focuses on “digital espionage” filed a motion in California federal court on Feb. 28, seeking to specially appear in the computer fraud lawsuit between WhatsApp Inc. and NSO Group Technologies Limited for the purpose of opposing NSO’s motion to serve it with a letter rogatory to obtain “sweeping discovery” that it contends is “almost exclusively unrelated to the claims and defenses” in the case.

  • February 20, 2024

    Israeli Firm Seeks Discovery From Canadian Research Lab In Spyware Suit

    OAKLAND, Calif.— With competing motions to compel pending in its computer fraud dispute with WhatsApp Inc., Israeli surveillance technology company NSO Group Technologies Limited asked a California federal court to issue a letter rogatory requesting a Canadian court to compel discovery from a Toronto-based research laboratory that aided WhatsApp in the present suit.

  • February 28, 2024

    Dating App User, Bumble Say Settlement Reached In Biometric Data Collection Case

    CHICAGO — A dating application user and the companies associated with the operation of that app filed a joint status report in a federal court in Illinois stating that a settlement in principle has been reached in a putative class complaint alleging violation of the Illinois Biometric Information Privacy Act (BIPA) by collecting, storing and using users’ data.

  • February 28, 2024

    Initial OK Given To $2.45 Million Settlement Of Debt Collector Data Breach Suit

    SEATTLE — Two months after the proposed settlement of a class action over the 2022 breach of a debt collector’s network was sent back for some fine-tuning, a Washington federal judge granted a renewed motion for preliminary approval of a $2.45 million agreement, finding that the parties cured ambiguous language in its scope of release and sufficiently identified the range of attorney fees and costs amounts sought.

  • February 27, 2024

    AI Interview Company Can’t Escape Illinois Biometric Law Class Action

    CHICAGO — The use of a company’s artificial intelligence-based virtual interview program within Illinois gives jurisdiction over the case and the allegations fall within the purview of Illinois law governing biometric data, a federal judge in Illinois said Feb. 26, dismissing only claims that the company profited from the sale of such data.

  • February 26, 2024

    Class Complaint Accuses Labcorp Of Sending Protected Health Info To Google

    PHILADELPHIA — Two patients of Laboratory Corporation of America Holdings (Labcorp) filed a class complaint unsealed Feb. 23 by a federal judge in Pennsylvania, accusing the health care company of intercepting individually identifiable health information from its website users and sending the information to Google, which analyzes the data, matches the information to individuals and then shares its analysis with Labcorp.

  • February 23, 2024

    Kroger Pharmacy Customers Dismiss Consolidated Data-Sharing Class Suits

    CINCINNATI — Customers of an Ohio supermarket chain whose two putative class complaints alleging that the installation and use of a tracking pixel on the chain’s pharmacy website to collect and share confidential patient information were consolidated in January filed a notice on Feb. 22 of voluntary dismissal without prejudice pursuant to Federal Rule of Civil Procedure 41(A)(i).

  • February 21, 2024

    4 More Suits Consolidated In Fortra File Transfer Data Breach MDL

    MIAMI — One week after consolidating 46 putative class actions related to more than 100 data breaches attributed to hackers’ exploitation of vulnerabilities in file-transfer software, the Judicial Panel on Multidistrict Litigation (JPMDL) consolidated four more related suits with the others in the multidistrict litigation in Florida federal court.

  • February 20, 2024

    Google Says UCL, Other Claims In AI Training Lawsuit Fail

    SAN FRANCISCO — Vague allegations and hypothetical damages involving the scraping of websites and other sources for data used in the training of artificial intelligence cannot form the basis of California unfair competition law (UCL) and other claims because the potential usage was adequately disclosed and individuals lack a privacy interest in information they themselves publicly disclosed, Google LLC tells a federal judge in California in seeking dismissal.

  • February 20, 2024

    Home Depot Customer Sues Over Use Of Google AI To Access, Record Phone Calls

    LOS ANGELES — In a putative class action filed in California federal court, a Los Angeles man alleges that The Home Depot Inc. violated California’s Invasion of Privacy Act (CIPA) by using an artificial intelligence product from Google Inc. to listen to, analyze and record customers’ phone calls without their knowledge or consent.

  • February 16, 2024

    7th Circuit: Minors Not Bound By Arbitration Clause In Ancestry.Com Privacy Suit

    CHICAGO — Affirming a trial court’s denial of a motion by Ancestry.com DNA LLC to compel arbitration of a putative genetic privacy class action against it, a Seventh Circuit U.S. Court of Appeals panel on Feb. 15 found that because the minor plaintiffs were not signatories to the terms and conditions on Ancestry’s website, they were not bound by the arbitration provision to which their guardians agreed.

  • February 15, 2024

    RICO Claim Tossed From Suit Alleging App Captures Data With Cyberpirated Marks

    SACRAMENTO, Calif. — A federal judge in California denied arbitration and dismissed a Racketeering Influenced and Corrupt Organizations (RICO) Act claim from a putative class complaint accusing a software company of collecting and selling personal data from a budgeting application for smartphones and of using cyberpirated trademarks and other information to entice users to enter their banking information but permitted the app user’s remaining claims under Utah and California law to proceed.

  • February 15, 2024

    Meta Asks D.C. Circuit To Enjoin FTC From Modifying $5 Billion Privacy Judgment

    WASHINGTON, D.C. — In a reply brief supporting its motion for an injunction pending appeal, Meta Platforms Inc. (formerly Facebook Inc.) asks the District of Columbia Circuit U.S. Court of Appeals to stop the Federal Trade Commission from reopening a 2020 $5 billion privacy settlement while it pursues an appeal of a trial court ruling, arguing that the commission does not have jurisdiction to unilaterally revise the stipulated order in that case.

  • February 14, 2024

    Reconsideration Of Partial Dismissal Of Website Data Collection Claims Sought

    SAN DIEGO — Papa John’s International Inc. filed a motion for reconsideration in a federal court in California after a judge partially granted its motion to dismiss a putative class complaint alleging violations of the California Invasion of Privacy Act (CIPA) through the alleged interception and collection of users’ data on a pizza-ordering webpage, in light of the ruling in Briskin v. Shopify.

  • February 12, 2024

    Google Tells 9th Circuit Chrome Users Consented To Data Collection, Use

    SAN FRANCISCO — In a Feb. 9 appellee brief, Google LLC explains to the Ninth Circuit U.S. Court of Appeals that the parties alleging privacy violations related to the purported collection and sharing of their personally identifiable information (PII) through the Chrome web browser “undisputedly agreed” to its privacy policy and related agreements “that describe the precise data collection and use” of which they complain, asking that the trial court ruling that disposed of all their claims be affirmed.

  • February 02, 2024

    Insured Seeks Coverage For Claims It Violated BIPA By Using Biometric Time Clocks

    CHICAGO — An insured filed a breach of contract lawsuit in an Illinois federal court, seeking a declaration as to coverage for an underlying putative class lawsuit alleging that it violated the Illinois Biometric Privacy Act (BIPA) by using biometric time clocks to track employee working hours.