SAN FRANCISCO — In a Dec. 18 order, a California federal judge dismissed privacy and related class claims against Facebook Inc. related to a now-discontinued practice of scraping users’ call and text information from Android smartphones, finding that the plaintiffs did not properly plead necessary elements of fraud or concrete harm (Anthony Williams, et al. v. Facebook Inc., No. 3:18-cv-01881, N.D. Calif.).
NEW ORLEANS — Nine days after directing a small tug boat company to produce certain cell phone data in a lawsuit over an employee’s death, a Louisiana federal magistrate judge on Dec. 19 clarified that the parties will share the costs associated with this discovery and extended the deadline for compliance with the previous order (Anne Dufrene v. American Tugs Inc., et al., No. 2:18-cv-00554, E.D. La., 2018 U.S. Dist. LEXIS 207803).
KANSAS CITY, Mo. — A Missouri federal judge on Dec. 10 sent a class complaint over the alleged theft of patient records from a hospital employee’s vehicle back to state court, finding that the hospital failed to show that the amount in controversy exceeded $5 million (K.A., et al. v. Children’s Mercy Hospital, No. 18-516, W.D. Mo., 2018 U.S. Dist. LEXIS 207733).
SAN FRANCISCO— Uber Technologies Inc. in a Dec. 17 appellee brief asks the Ninth Circuit U.S. Court of Appeals to find that a class complaint brought by two former drivers after a 2014 data breach was properly dismissed three times by a trial court for lack of standing (Sasha Antman, et al. v. Uber Technologies Inc. No. 18-16100, 9th Cir.).
SAN FRANCISCO— The Electronic Privacy Information Center (EPIC) on Dec. 17 filed an amicus curiae brief in the Ninth Circuit U.S. Court of Appeals supporting a trial court’s certification of a class of Facebook Inc. users who claim that the social network’s use of a photo-tagging feature violates the Illinois Biometric Information Privacy Act (BIPA), with the organization arguing that the plaintiffs sufficiently established injury via Facebook’s violation of the statute (In re Facebook Biometric Information Privacy Litigation, No. 18-15982, 9th Cir.).
OAKLAND, Calif. — A marketing firm that was accused of privacy violations for its use of so-called zombie cookies on mobile devices saw its motion to dismiss a class complaint against it granted Dec. 17, with a California federal judge finding that the plaintiffs failed to establish any injury from the cookie deployment (Anthony Henson, et al. v. Turn Inc., No. 4:15-cv-01497, N.D. Calif., 2018 U.S. Dist. LEXIS 212249).
LOS ANGELES — Uber Technologies Inc. on Dec. 7 informed a California federal court of motions to compel arbitration it filed in five individual cases brought by Uber drivers and riders that comprised a multidistrict litigation over a data breach announced by the company in 2017 (In re Uber Technologies Inc. Data Security Breach Litigation, No. 2:18-ml-02826, C.D. Calif.).
SAN FRANCISCO — In response to a stipulation by Google LLC and the plaintiffs in six class actions against the tech giant, a California federal judge on Dec. 11 consolidated the lawsuits over Google’s a purported tracking of smart phone users’ locations despite their opting out of such tracking (In re Google Location History Litigation, No. 5:18-cv-05062, N.D. Calif.).
LOS ANGELES — With the Dec. 13 filing of class complaints in California and Connecticut federal courts, more than 30 lawsuits have been lodged against Marriott International Inc. in the wake of a massive data breach that the hotel chain recently announced (Janel Sempre v. Marriott International Inc., et al., No. 2:18-cv-10324, C.D. Calif.; Stacey K. Allen, et al. v. Marriott International Inc., et al., No. 3:18-cv-02050, D. Conn.).
SAN FRANCISCO — Because users of Facebook Inc. agreed to its privacy policies, a Ninth Circuit U.S. Court of Appeals panel on Dec. 6 found that three of the social network’s users who sued it for privacy violations for collecting their health-related information consented to Facebook’s data-collection practices, affirming dismissal of their claims (Winston Smith, et al. v. Facebook Inc., No. 17-16206, 9th Cir., 2018 U.S. App. LEXIS 34397).
ATLANTA — In a Nov. 23 reply brief supporting their motion for limited relief from existing discovery stay, the plaintiffs in a consolidated class action over the 2017 data breach experienced by Equifax Inc. tell a Georgia federal court that certain requested documents and employee depositions are necessary to preserve evidence and to facilitate upcoming full discovery (In Re: Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).
ALBANY, N.Y. — In a Dec. 4 press release, New York Attorney General (AG) Barbara D. Underwood announced that her office had reached a $4.95 million settlement with Oath Inc., formerly known as AOL Inc., for violations of the Children’s Online Privacy Protection Act (COPPA).
SANTA ANA, Calif. — In a Dec. 3 in chambers order, a California federal judge granted preliminary approval to a proposed settlement, valued at approximately $47 million, to settle a consolidated class action over a 2015 data breach experienced by Experian Information Solutions Inc. (In Re Experian Data Breach Litigation, No. 8:15-cv-01592, C.D. Calif.).
SAN FRANCISCO — In letter briefs filed Nov. 6 at the direction of the Ninth Circuit U.S. Court of Appeals, Yahoo! Inc. and its commercial general liability (CGL) insurer debate the impact of an August 2017 Ninth Circuit ruling on the present appeal pertaining to insurance coverage for claims brought under the Telephone Consumer Protection Act (TCPA) (Yahoo! Inc. v. National Union Fire Insurance Company of Pittsburgh, PA, No. 17-16452, 9th Cir.).
PORTLAND, Ore. — Two Marriott International Inc. customers filed a class complaint on Nov. 30 in an Oregon state court, seeking up to $12.5 billion for a nationwide class allegedly affected by the hotel chain’s data breach that was announced that same day (David Johnson, et al. v. Marriott International, Inc., No. 18CV54883, Ore. Cir., Multnomah Co.).
WASHINGTON, D.C. — One month after oral arguments were held, Google LLC, a class of Google users and the federal government filed supplemental briefs in the U.S. Supreme Court on Nov. 30 addressing whether the class had established standing under Article III of the U.S. Constitution to bring its privacy claims against the internet giant (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).
CHICAGO — In its Nov. 28 response to a plaintiff’s motion to compel production of identifying information for prospective class members in a data breach lawsuit, Barnes & Noble Inc. tells an Illinois federal court that it properly redacted private customer information that is irrelevant at the class definition stage of the litigation (In re Barnes & Noble Pin Pad Litigation, No. 1:12-cv-08617, N.D. Ill.).
FRESNO, Calif. — On Nov. 28, the American Civil Liberties Union and Electronic Frontier Foundation (EFF) filed a motion in California federal court to unseal the court filings in a case where the U.S. Department of Justice (DOJ) reportedly sought to compel Facebook Inc. to provide it with access to users’ private calls made via the social network (In re U.S. Department of Justice Motion to Compel Facebook to Provide Technical Assistance in Sealed Case, Opinion and Order Issued in or About September 2018, No. 1:18-mc-00057, E.D. Calif.).
PITTSBURGH — The Pennsylvania Supreme Court on Nov. 21 found that an employer has a duty to protect any personally identifiable information (PII) that it collects from its employees, reversing the dismissal of a putative class of hospital employees’ negligence claim over the theft of their information after a breach of their employer’s network (Barbara A. Dittman, et al. v. UPMC, et al., No. 43 WAP 2017, Pa. Sup., 2018 Pa. LEXIS 6051).
CHICAGO — In an Oct. 24 response brief, five members of the Chicago Police Department (CPD) tell the Seventh Circuit U.S. Court of Appeals that a newspaper’s appeal of a ruling that deemed it in violation of the Driver’s Privacy Protection Act (DPPA) is premature and merits dismissal because the trial court’s order was not final and did not award any relief (Scott Dahlstrom, et al. v. Sun-Times Media LLC, No. 18-3101, 7th Cir.).