Mealey's Data Privacy

  • November 12, 2018

    Rite Aid Customer Files Suit Over Unauthorized Disclosure Of HIV Status

    PITTSBURGH — A Rite Aid customer sued the pharmacy company and a pharmacist at a Pittsburgh location on Oct. 23, alleging that an employee violated state and federal health laws and caused him mental anguish and humiliation by announcing his HIV status without permission within earshot of other customers (John Doe v. Rite Aid Pharmacy Corp., et al., No. 18-013826, Pa. Comm. Pls., Allegheny Co.).

  • November 12, 2018

    Judge Denies Health Care Fraud Defendant’s Motion To Suppress Evidence From Emails

    NEW YORK — A federal judge in New York on Nov. 9 denied a motion to suppress filed by a man accused of participating in a health care fraud scheme, finding that search warrants executed for three email accounts were not overbroad and that the man had no reasonable expectation of privacy for the accounts (United States v. Paul J. Mathieu, et al., No. 16 cr 763, S.D. N.Y., 2018 U.S. Dist. LEXIS 192281).

  • November 09, 2018

    Snowden Declaration Filed To Support Class Action Over NSA Dragnet Surveillance

    OAKLAND, Calif. — Seeking to proceed with their statutory claims over the domestic surveillance activities of the National Security Agency (NSA), the plaintiffs in a 10-year old putative class action against the federal government on Nov. 2 filed a declaration by former NSA contractor Edward Snowden the same day they filed a reply brief in California federal court opposing the government’s summary judgment motion (Carolyn Jewel, et al. v. National Security Agency, et al., No. 4:08-cv-04373, N.D. Calif.).

  • November 07, 2018

    Zappos Customers Oppose Certiorari In Data Breach Suit

    WASHINGTON, D.C. — Asserting that they plausibly pleaded a substantial risk of future harm due to their personally identifiable information (PII) being stolen in a 2012 data breach experienced by Inc., a group of the online retailer’s customers in a Nov. 6 brief urge the U.S. Supreme Court to deny its petition for certiorari, arguing that the circuit courts are in agreement on the standard of determining whether future harm has been sufficiently alleged in data breach cases ( Inc. v. Theresa Stevens, et al., No. 18-225, U.S. Sup.).

  • November 07, 2018

    Post-Argument Briefs Ordered By Supreme Court In Google Privacy Cy Pres Case

    WASHINGTON, D.C. — Six days after hearing oral arguments in a dispute about the propriety of cy pres settlements in class actions, the U.S. Supreme Court on Nov. 6 directed the parties to file supplemental briefs addressing whether the named plaintiffs alleging privacy violations by Google LLC established standing in the case under Article III of the U.S. Constitution (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).

  • November 07, 2018

    British Airways Hit With Class Complaint Over Hack Of Online Payment System

    BROOKLYN, N.Y. — A New York man on Nov. 5 filed a putative class complaint against British Airways PLC (UK) in New York federal court, claiming that the airline’s failure to comply with the European Union’s General Data Protection Regulation (GDPR) led to a recently announced data breach that exposed the payment information of hundreds of thousands of customers (Ralph Pena v. British Airways PLC [UK], No. 1:18-cv-06278, E.D. N.Y.).

  • November 06, 2018

    Facebook Moves To Dismiss Data-Sharing Class Action For Lack Of Standing

    SAN FRANCISCO — Facebook Inc. on Nov. 2 moved in California federal court to dismiss a consolidated class action over its 2015 data-sharing incident with Cambridge Analytica LLC, arguing that the plaintiffs have not pleaded any cognizable harm from the incident that is sufficient to establish standing under Article III of the U.S. Constitution, citing a lack of allegations that the shared data was misused by any third parties (In re Facebook Inc., Consumer Privacy User Profile Litigation, No. 3:18-md-2843, N.D. Calif.).

  • November 06, 2018

    Equifax Says Banks Did Not Plead Injury, Establish Standing In Data Breach Suit

    ATLANTA — A consolidated group of banks and financial institutions (FIs) failed to establish standing to sue under Article III of the U.S. Constitution, Equifax Inc. argues in a Nov. 1 reply brief in Georgia federal court, seeking dismissal of negligence claims related to its 2017 data breach for failure to plead a cognizable injury (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).

  • November 05, 2018

    Kansas Appeals Panel Says Court Can Order DNA Testing In Probate Proceeding

    TOPEKA, Kan. — A Kansas Court of Appeals panel on Nov. 2 vacated a magistrate judge’s decision to deny a woman’s request for DNA testing in a probate proceeding, finding that the judge abused his discretion by misunderstanding the law (In re Estate of Chad Allen Fechner, No. 118,809, Kan. App., 2018 Kan. App. LEXIS 59).

  • October 31, 2018

    Fairness, Standing Argued In High Court Over Google Privacy Cy Pres Settlement

    WASHINGTON, D.C. — The U.S. Supreme Court on Oct. 31 heard arguments about the propriety of cy pres settlements of class actions, with Google LLC, the federal government, a class of Google users and objectors to a class settlement all offering their opinions on whether such a settlement was fair in an underlying privacy case (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).

  • October 30, 2018

    Judge Refuses To Suppress Evidence Of Fraud Scheme From Defendant’s Phone

    DETROIT — Evidence from a defendant’s cell phone documenting his role in a scheme to fraudulently obtain unemployment insurance benefits should not be suppressed, a federal judge in Michigan ruled Oct. 29, finding that a private investigator for an insurance company was not acting as a government agent when viewing the contents of the phone (United States v. Damon Drekarr Kemp, No. 18-20043, E.D. Mich., 2018 U.S. Dist. LEXIS 184341).

  • October 30, 2018

    U.S. Supreme Court Hears Arguments In Class Arbitration Dispute

    WASHINGTON, D.C. — While contract disputes are generally controlled by state law, the Federal Arbitration Act (FAA) controls questions about class arbitrability when it comes to interpreting an employment contract between an employer and employee after the employee filed a class complaint alleging, in part, negligence and violation of California’s unfair competition law (UCL) after employee data was stolen, the attorney representing the employer told the U.S. Supreme Court on Oct. 29 (Lamps Plus, Inc., et al. v. Frank Varela, No. 17-988, U.S. Sup.).

  • October 29, 2018

    Plaintiffs Call Horizon’s Document Production In Data Theft Suit Deficient

    NEWARK, N.J. — In an Oct. 24 letter to a New Jersey federal magistrate judge, the plaintiffs in a lawsuit over the theft of laptops that contained policyholders’ personally identifiable information (PII) assert that the defendant insurance company has shirked its duty to produce discovery relevant to the claims and defenses in the case, seeking a hearing or motion to compel withheld documents (In Re Horizon Healthcare Services Inc. Data Breach Litigation, No. 2:13-CV-07418, D. N.J.).

  • October 26, 2018

    Payment Card Data Found Not To Be Trade Secret Under DTSA

    DENVER — A federal judge in Colorado on Oct. 24 ruled that two financial institutions failed to sufficiently show that payment card data is a trade secret or that the data has any independent economic value in bringing their Defend Trade Secrets Act (DTSA) claims against fast food restaurant operator Chipotle Mexican Grill Inc. for its role in a massive data breach (Bellwether Community Credit Union, et al. v. Chipotle Mexican Grill Inc., No. 17-1102, D. Colo., 2018 U.S. Dist. LEXIS 182717).

  • October 25, 2018

    Objectors To Google Privacy Cy Pres Settlement Inform High Court Of New Ruling

    WASHINGTON, D.C. — Eight days before the scheduled oral argument in a dispute over the fairness of cy pres settlements in class actions, two objectors to the settlement in a privacy lawsuit against Google LLC filed a supplemental brief with the U.S. Supreme Court on Oct. 23, reporting a recent Ninth Circuit U.S. Court of Appeals ruling that they say demonstrates “the pernicious affects” such settlements can have (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).

  • October 25, 2018

    AT&T Moves To Dismiss Complaint Over Cellphone Hack And Cryptocurrency Theft

    LOS ANGELES — AT&T Inc. seeks dismissal of a 16-count complaint in which one of its customers attempts to hold the cellular provider responsible for the theft of almost $24 million in cryptocurrency via hacking of his cellphone, arguing in an Oct. 22 motion in California federal court that the plaintiff “falls far short of stating a claim against” it under any of his theories (Michael Terpin v. AT&T Inc., et al., No. 2:18-cv-06975, C.D. Calif.).

  • October 24, 2018

    Judge Dismisses Privacy, Negligence Claims Over Theft Of Data From Escrow Agent

    CHICAGO — Mostly granting an escrow agent’s motion to dismiss a lawsuit over a hacking incident that exposed a customer’s personal information, an Illinois federal judge on Oct. 16 found that the plaintiff did not allege any intentional disclosure or negligent misrepresentation by the agent (Robert Douglas White v. Citywide Title Corp., et al., No. 1:18-cv-02086, N.D. Ill., 2018 U.S. Dist. LEXIS 177834).

  • October 24, 2018

    Google Says Smartphone Data Collection Suit Must Fail Because Of User Consent

    SAN FRANCISCO — An iPhone user suing Google LLC for collecting location information from his device consented to such collection when he opted to use Google’s services, the tech giant tells a California federal court in an Oct. 22 motion, seeking dismissal of privacy claims against it as a matter of law (Napoleon Patacsil v. Google Inc., No. 3:18-cv-05062, N.D. Calif.).

  • October 23, 2018

    $50 Million Settlement Proposed In Consolidated Yahoo Data Breach Suit

    SAN JOSE, Calif. — In an Oct. 22 motion in California federal court, the plaintiffs in the two-year-old consolidated class action over various data breach and data theft incidents experienced by Yahoo! Inc. seek preliminary approval of a settlement that would establish a $50 million nonreversionary fund (In re:  Yahoo! Inc. Customer Data Security Breach Litigation, No. 5:16-md-02752, N.D. Calif.).

  • October 23, 2018

    Data Breach Whistleblower’s Retaliation Suit Against College Partly Dismissed

    PHOENIX — Finding that a former community college employee did not establish all of the necessary elements to prove that he was terminated for reporting data security violations, an Arizona federal magistrate judge on Oct. 12 partly granted summary judgment in favor of the school, while partly ruling for the employee on defamation and due process claims and deeming a jury determination necessary to resolve disputed factual elements (Miguel Corzo v. Maricopa County Community College District, et al., No. 2:15-cv-02552, D. Ariz., 2018 U.S. Dist. LEXIS 174967).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.