BROOKLYN, N.Y. — Finding that the Federal Bureau of Investigation had probable cause to believe that a defendant who is charged with Hobbs Act violations was associated with a gang implicated in criminal conspiracy, a New York federal judge on June 5 denied the defendant’s motion to suppress evidence obtained via warrant from his Facebook account, deeming the warrant sufficiently particularized and not in violation of the Fourth Amendment to the U.S. Constitution (United States v. Sharod Liburd, No. 1:17-cr-00296, E.D. N.Y., 2018 U.S. Dist. LEXIS 94440).
HONOLULU — Two customers of the Hawaiian-based restaurant chain Zippy’s filed a putative class action against the chain’s operator June 1 in Hawaii federal court, alleging negligence related to a recently announced breach of the Zippy’s payment system, which they say resulted in payment card fraud (Joshua Bokelman, et al. v. FCH Enterprises Inc., No. 1:18-cv-00209, D. Hawaii).
MIAMI — A Federal Trade Commission order requiring a now-defunct laboratory testing company to implement a reasonable data-security program was deemed unenforceable on June 6 by an 11th Circuit U.S. Court of Appeals panel, which found that rather than “enjoin[ing] a specific act or practice,” the order “mandates a complete overhaul of [LabMD Inc.’s] data-security program and says precious little about how this is to be accomplished” (LabMD Inc. v. Federal Trade Commission, No. 16-16270, 11th Cir., 2018 U.S. App. LEXIS 15229).
WASHINGTON, D.C. — A growing list of class actions against Facebook Inc. over the sharing of millions of social network users’ personal data by a third-party app developer will be centralized in California federal court, the U.S. Judicial Panel for Multidistrict Litigation (JPMDL) ruled June 6, granting a motion to transfer by two of the plaintiffs (In re Facebook Inc., Consumer Privacy User Profile Litigation, No. 2843, JPMDL).
CLEVELAND — A Ohio appellate court majority on May 24 reversed a lower court’s ruling that denied a nursing home’s motion for a protective order and compelled it to provide discovery of records pertaining to a nonparty nursing home resident who allegedly fatally assaulted another resident, remanding for an in camera review of the documents to determine whether they are undiscoverable (David Howell, Jr. v. Park East Care & Rehabilitation, et al., No. 106041, Ohio App., 8th Dist., 2018 Ohio App. LEXIS 2225).
ATLANTA — Two weeks after consolidated class complaints were filed by consumer and small business (SB) classes in the consolidated multidistrict litigation over the massive 2017 Equifax Inc. data breach, a class of financial institutions (FIs) followed suit May 30, filing a consolidated complaint in Georgia federal court, accusing the credit-reporting giant of negligence and related claims (In Re: Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).
WASHINGTON, D.C. — Donald Trump’s presidential campaign and Republican strategist Roger Stone each filed briefs May 31, opposing a jurisdictional discovery request in a lawsuit over the 2016 hack of the Democratic National Committee’s (DNC’s) database, asserting that the discovery sought by the plaintiffs, whose personally identifiable information (PII) was stolen and posted online, is overbroad and untimely (Roy Cockrum, et al. v. Donald J. Trump For President Inc., et al., No. 1:17-cv-01370, D. D.C.).
CHICAGO — Class claims by an employee challenging the collection and storage of fingerprint scans may proceed against the company that employed her and the third-party scanner provider, an Illinois federal judge ruled May 31 (Cynthia Dixon v. The Washington and Jane Smith Community – Beverly, et al., No. 17-8033, N.D. Ill., 2018 U.S. Dist. LEXIS 90344).
ORLANDO, Fla. — In light of an announced “agreement in principle” between Wendy’s International LLC and a group of customers who claim that their payment card data (PCD) was compromised in a breach of the fast food chain’s payment system, a Florida federal judge on May 25 administratively closed a putative negligence class action to allow the parties to finalize terms of their settlement (Christine Jackson, et al. v. Wendy’s International LLC, No. 6:16-cv-00210, M.D. Fla.).
CHICAGO — An Illinois federal judge on May 24 remanded a class complaint accusing a theme park of violating the Fair Credit Reporting Act (FCRA), as amended by the Fair and Accurate Transactions Act of 2003 (FACTA), by printing more than the last five digits of debit card numbers on receipts, ruling that the federal court lacks subject matter jurisdiction (Hugo Soto, et al. v. Great America, LLC, et al., No. 17-6902, N.D. Ill., 2018 U.S. Dist. LEXIS 87598).
SAN FRANCISCO — The same day that a California federal judge denied Facebook Inc.’s motion to stay proceedings in a suit over its alleged violations of the Illinois Biometric Information Privacy Act (BIPA), a Ninth Circuit U.S. Court of Appeals panel on May 29 granted the social network’s emergency motion to stay trial court proceedings pending its appeal of a class certification ruling (Namesh Patel, et al. v. Facebook Inc., No. 18-80053, 9th Cir.).
PEORIA, Ill. — An Illinois federal judge on May 23 sent a class complaint accusing a restaurant chain of improperly collecting and retaining employees’ fingerprints back to state court, ruling that the district court lacks jurisdiction (Emily Kiefer, et al. v. Bob Evans Farms, LLC, et al., No. 17-1544, C.D. Ill., 2018 U.S. Dist. LEXIS 88639).
SAN JOSE, Calif. — In a May 15 brief, the lead plaintiffs in a class action over Anthem Inc.’s 2015 data breach ask a California federal judge to overrule a special master’s findings and increase a recommended attorney fees award in the preliminarily settled suit by more than $9 million (In Re: Anthem Inc., Customer Data Security Breach Litigation, No. 5:15-md-02617, N.D. Calif.).
COLUMBUS, Ohio — CVS Health Corp. and its subsidiaries disclosed the HIV status of approximately 6,000 patients in a mass mailing, a Dayton, Ohio, resident, referred to only as John Doe, alleges in a May 16 class complaint filed in the U.S. District Court for the Southern District of Ohio (John Doe, et al. v. CVS Health Corporation, et al., No. 18-488, S.D. Ohio).
BALTIMORE — In a May 18 reply brief in Maryland federal court, Wikimedia Foundation defends its motion to compel documents to establish that its communications were intercepted by the National Security Agency’s (NSA) upstream surveillance program, arguing that a statutory in camera review procedure defeats the government’s assertion of the state secrets privilege (Wikimedia Foundation v. National Security Agency, et al., No. 1:15-cv-00662, D. Md.).
RICHMOND, Va. — Border agents’ discovery of weapons in an airline passenger’s luggage created sufficient individualized suspicion to justify a forensic examination of his smartphone without violating the Fourth Amendment to the U.S. Constitution, a Fourth Circuit U.S. Court of Appeals panel majority ruled May 9, finding that a trial court properly declined to suppress evidence obtained from the search (United States v. Hamza Kolsuz, No. 16-4687, 4th Cir., 2018 U.S. App. LEXIS 12147).
SAN JOSE, Calif. — Granting a motion for partial dismissal by Intuit Inc., a California federal judge on May 15 found that two plaintiffs failed to sufficiently amend their complaint to support negligence and aiding and abetting claims against the tax software firm related to incidents of identity theft and tax fraud due to data theft (Christine Diaz, et al. v. Intuit Inc., No. 5:15-cv-01778, N.D. Calif.; 2018 U.S. Dist. LEXIS 82009).
OAKLAND, Calif. — After engaging in arbitration, a New York woman filed a stipulation in California federal court May 17, voluntarily dismissing a putative class action under the Electronic Communications Privacy App (ECPA) against National Basketball Association team the Golden State Warriors and a technology firm, disposing of her allegations of eavesdropping via the team’s smartphone app (LaTisha Satchell v. Signal360 Inc., et al., No.3:16-cv-04961, N.D. Calif.).
HELENA, Mont. — A trial court didn’t err when it found that a woman who sued a company performing background checks over the inclusion of obsolete information in checks carried out for potential employers failed to satisfy the element of superiority under Montana Rule of Civil Procedure 23(b)(3) in her motion for class certification, a divided Montana Supreme Court ruled May 15 (Nissa Ascencio, et al. v. Orion International Corp., No. DA 17-0353, Mont. Sup., 2018 MT 121).
SAN FRANCISCO — Citing a “multitude of fact disputes,” a California federal judge on May 14 denied summary judgment motions by Facebook Inc. and a group of Facebook users in a class action alleging that the social network operator violated the Illinois Biometric Information Privacy Act (BIPA) by collecting users’ facial scans in connection with a photo-tagging feature (In re Facebook Biometric Information Privacy Litigation, No. 3:15-cv-03747, N.D. Calif., 2018 U.S. Dist. LEXIS 81044).