Mealey's Data Privacy

  • October 02, 2018

    Facebook Announces Breach Affecting 50 Million Users, Gets Sued For Negligence

    SAN FRANCISCO — The same day that Facebook Inc. announced a data breach affecting almost 50 million of its users’ accounts, two of the social network’s account holders on Sept. 28 filed a putative class action against it for unfair competition, negligence and deceit in California federal court (Carl Echavarria, et al. v. Facebook Inc., No. 3:18-cv-05982, N.D. Calif.).

  • October 01, 2018

    Argument In Google Cy Pres Class Settlement Case Will Be Divided, High Court Says

    WASHINGTON, D.C. — Three days after objectors to the cy pres settlement in a privacy class action against Google LLC filed a reply brief asking the U.S. Supreme Court to clarify the fairness of such settlements, the court in its Oct. 1 order list granted the respondents’ motion that the upcoming Oct. 31 oral arguments be divided (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).

  • September 26, 2018

    Class Action Over Smart Toy Maker’s Data Breach Settled, Dismissed

    CHICAGO — An Illinois federal judge on Sept. 14 dismissed with prejudice a putative class action against smart toy maker VTech Electronics North America LLC over a 2015 data breach pursuant to a stipulation of dismissal jointly filed by the defendant and the plaintiffs (In re VTech Data Breach Litigation, No. 1:15-cv-10889, N.D. Ill.).

  • September 26, 2018

    Facebook Users Defend Privacy, Wiretap Claims From URL Collection To 9th Circuit

    SAN FRANCISCO — Arguing that Facebook knowingly tracked their internet browsing, a group of the social network’s users tell the Ninth Circuit U.S. Court of Appeals in a Sept. 19 reply brief that Facebook’s use of persistent cookies constituted illegal wiretapping and an invasion of privacy in violation of federal and state laws (In re:  Facebook Inc. Internet Tracking Litigation, No. 17-17486, 9th Cir.).

  • September 26, 2018

    3 Boston Hospitals Settle HHS HIPAA Charges For Almost $1 Million

    WASHINGTON, D.C.  — The U.S. Department of Health and Human Services (HHS) on Sept. 20 announced that it had reached settlements with three Boston hospitals that had been charged with violating the Health Insurance Portability and Accountability Act (HIPAA) in connection with the filming of a television show.

  • September 25, 2018

    Consolidated Complaint Filed In Centralized Lawsuit Over Facebook Data Sharing

    SAN FRANCISCO — Three and a half months after dozens of lawsuits against Facebook Inc.  were centralized in California federal court, the plaintiffs on Sept. 21 filed a consolidated complaint against the social network alleging privacy violations, negligence and related claims for Facebook’s sharing of users’ personal information with a third-party consulting firm (In re Facebook Inc., Consumer Privacy User Profile Litigation, No. 3:18-md-2843, N.D. Calif.).

  • September 25, 2018

    Dismissal Of Government Surveillance Suits Appealed To D.C. Circuit

    WASHINGTON, D.C. — The plaintiff in three lawsuits over the National Security Agency’s domestic surveillance activities on Sept. 17 filed an appellant brief in the third suit in the District of Columbia Circuit U.S. Court of Appeals, arguing that a trial court improperly dismissed his claims under the Fourth Amendment to the U.S. Constitution without permitting discovery (Larry Klayman v. National Security Agency, et al., No. 18-5097, D.C. Cir.; and Larry Klayman, et al. v. Barack Obama, et al., Nos. 17-5281 and 17-5282, D.C. Cir.).

  • September 25, 2018

    Financial Institutions Defend Negligence Claims In Equifax Data Breach Suit

    ATLANTA — A group of banks and financial institution (FI) plaintiffs filed a brief Sept. 20 in Georgia federal court opposing Equifax’s motion to dismiss claims related to its 2017 data breach, arguing that they sufficiently alleged injuries related to the defendant’s failure to protect their members’ personally identifiable information (PII) (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).

  • September 19, 2018

    Settlement Denied, Class Decertified In Neiman Marcus Data Breach Suit

    CHICAGO — An Illinois federal judge on Sept. 17 denied approval of a $1.2 million settlement by Neiman Marcus Group LLC in a data breach lawsuit without prejudice and decertified the settlement class, citing intraclass conflicts (Hilary Remijas, et al. v. The Neiman Marcus Group, LLC, No. 14-1735, N.D. Ill., 2018 U.S. Dist. LEXIS 158250).

  • September 19, 2018

    Altaba To Pay $47 Million In Settlement Of All Yahoo Data Breach Claims

    WASHINGTON, D.C. — The rebranded Yahoo Inc. will pay approximately $47 million in a global settlement of all litigation arising from its historic data breach, the company said Sept. 17 in a filing with the Securities and Exchange Commission, which already fined the company $35 million for its handling of the breach.

  • September 13, 2018

    Equifax Says Data Breach Plaintiffs Failed To Plead FCRA, Contract Claims

    ATLANTA — In a Sept. 12 reply brief supporting its motion to dismiss a consolidated class action over its 2017 data breach, Equifax Inc. tells a Georgia federal court that a group of consumer plaintiffs did not plead necessary elements of their contract, negligence and Fair Credit Reporting Act (FCRA) claims, also asserting that a host of claims brought under other states’ laws cannot apply to conduct that occurred only in Georgia (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).

  • September 12, 2018

    Plaintiffs Seek Sanctions For Premera’s Spoliation In Data Breach Suit

    PORTLAND, Ore. — The plaintiffs in a putative class action against Premera Blue Cross over a 2014 data breach filed a motion Aug. 30 for sanctions for discovery misconduct in Oregon federal court, claiming that the insurer willfully spoliated evidence that the hackers exfiltrated policyholders’ data (In Re:  Premera Blue Cross Customer Data Security Breach Litigation, No. 3:15-md-02633, D. Ore.).

  • September 11, 2018

    Withheld NSA Documents Ruled Privileged In Wikimedia Upstream Surveillance Suit

    BALTIMORE — Concluding that an in camera review provision in the Foreign Intelligence Surveillance Act (FISA) does not apply, a Maryland federal judge on Aug. 20 denied a motion by Wikimedia Foundation to compel documents withheld from discovery by the National Security Agency (NSA) in a lawsuit over purported constitutional violations in the agency’s upstream surveillance activities (Wikimedia Foundation v. National Security Agency, et al., No. 1:15-cv-00662, D. Md., 2018 U.S. Dist. LEXIS 141418).

  • September 10, 2018

    Google Asks 9th Circuit To Dismiss, Remand Appeal Over Foreign-Stored Emails

    SAN FRANCISCO — Citing the U.S. Supreme Court’s disposal of a similar case as moot in light of recent legislation, Google LLC on Sept. 7 moved for the Ninth Circuit U.S. Court of Appeals to dismiss and remand its presently stayed appeal of a trial court order requiring the company to comply with a governmental warrant seeking production of emails stored outside the United States (In re:  Search of Content That is Stored at Premises Controlled by Google, No. 17-17393, 9th Cir.).

  • September 07, 2018

    Divided Argument Sought, Amicus Briefs Filed In Google Privacy Cy Pres Suit

    WASHINGTON, D.C. — The same day that 13 amicus curiae briefs were filed supporting a cy pres settlement in a privacy class action over Google LLC’s sharing of referrer header information, both the respondents and the federal government filed briefs with the U.S. Supreme Court Sept. 5, requesting that the Oct. 31 oral arguments be divided (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).

  • September 06, 2018

    Zappos Asks High Court To Address Article III Standard For Data Breach Suits

    WASHINGTON, D.C. — Online retailer Inc. filed a petition for certiorari on Aug. 20, urging the U.S. Supreme Court to address a deepening circuit split on the “recurring and important issue” of what constitutes whether a concrete injury sufficient to confer an individual whose personally identifiable information (PII) was compromised in a data breach with standing to sue the breached business under Article III of the U.S. Constitution ( Inc. v. Theresa Stevens, et al., No. 18-225, U.S. Sup.).

  • September 06, 2018

    More Time To Iron Out Settlement Granted In Motel 6 Guest List Suit

    PHOENIX — An Arizona federal judge on Aug. 20 granted a joint motion seeking additional time to complete a settlement agreement in a class complaint accusing Motel 6 Operating L.P. and G6 Hospitality LLC, doing business as Motel 6, of voluntarily turning over guest registration information to agents of U.S. Immigration and Customs Enforcement (ICE) within the Department of Homeland Security (DHS) (Jane V., et al. v. Motel 6 Operating L.P., et al., No. 18-242, D. Ariz.).

  • September 05, 2018

    Nonmonetary Class Claims Settled In TurboTax Data Theft Suit

    SAN JOSE, Calif. — Three months after most of the asserted class claims against Intuit Inc. were dismissed, the plaintiffs in a putative class action over 2014 data theft incidents associated with the TurboTax line of tax preparation software filed a motion in California federal court Aug. 23 seeking preliminary approval of a settlement that would dispose of nonmonetary claims, while permitting class members to pursue claims over actual damages from fraudulent tax return filings (In re Intuit Data Litigation, No. 5:15-cv-01778, N.D. Calif.).

  • September 04, 2018

    Employee: Supreme Court Lacks Jurisdiction To Hear Federal Arbitration Act Appeal

    WASHINGTON, D.C. — The U.S. Supreme Court has no jurisdiction to hear an employer’s appeal of a class arbitration ruling because the original, two-part decision by the trial court was not appealable; however, if the high court decides to reach the merits, it should hold that the Federal Arbitration Act (FAA) doesn’t preempt state law, an employee argues in his respondent brief filed Aug. 30 in the high court (Lamps Plus, Inc., et al. v. Frank Varela, No. 17-988, U.S. Sup.).

  • September 04, 2018

    Google, Privacy Class Defend Cy Pres Settlement In Supreme Court Briefs

    WASHINGTON, D.C. — In a pair of Aug. 29 respondent briefs, Google LLC and a class with which it settled privacy claims tell the U.S. Supreme Court that cy pres settlements, when subject to certain guidelines, are a useful way to settle certain class actions, like the one below, in which distribution of funds to class members is infeasible (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.