WASHINGTON, D.C. — With the U.S. Supreme Court’s March 26 denial of certiorari, a Massachusetts Supreme Judicial Court ruling that granted a deceased man’s siblings access to his Yahoo email account under the “lawful consent” exception to the Electronic Communications Privacy Act (ECPA) will stand, with the high court declining to consider arguments over user consent and privacy (Oath Holdings Inc. v. Marianne Ajemian, et al., No. 17-1005, U.S. Sup., 2018 U.S. LEXIS 1936).
WASHINGTON, D.C. — In a March 22 reply brief, two objectors to the settlement of privacy class claims against Google LLC ask the U.S. Supreme to grant their petition for certiorari to address the fairness of cy pres settlements that provide no relief or compensation to the class at large (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).
SAN JOSE, Calif. — Following a recent revelation by Facebook Inc. that millions of its social network users’ personal information was shared with a third-party analytics firm with political ties, a Facebook user on March 20 filed a class complaint against the social network in California federal court, alleging negligence and unfair competition (Lauren Price v. Facebook Inc., et al., No. 5:18-cv-01732, N.D. Calif.).
CHICAGO — Travel-booking website operator Orbitz LLC on March 20 announced its recent discovery of a data security incident that potentially compromised the personal information of up to 880,000 of the users of www.orbitz.com.
SANTA ANA, Calif. — A marketing presentation that was sought in discovery by the plaintiffs in a putative privacy class action over Vizio Inc. smart TVs is not protected by attorney-client privilege, a California federal magistrate ruled in a March 13 in chambers order, finding the presentation to be business-oriented and not pertaining to legal advice (In Re: Vizio Inc., Consumer Privacy Litigation, No. 8:16-ml-02693, C.D. Calif.).
MENLO PARK, Calif. — In a March 16 press release, Facebook Inc. announced that user data that a third-party app developer improperly shared with an analytics firm in 2015 had not been destroyed despite assurances it had received to the contrary.
WASHINGTON, D.C. — In a March 16 ruling, the Foreign Intelligence Surveillance Court of Review found that the American Civil Liberties Union has standing to pursue its petition seeking unredacted versions of U.S. Foreign Intelligence Surveillance Court (FISC) opinions related to the federal government’s surveillance program under the First Amendment to the U.S. Constitution (In re: Certification of Questions of Law to the Foreign Intelligence Surveillance Court of Review, No. 18-01, FISC Review).
WASHINGTON, D.C. — In a May 5 reply brief supporting its petition for certiorari, the successor to Yahoo! Inc. urges the U.S. Supreme Court to review a Massachusetts Supreme Judicial Court ruling granting a deceased man’s siblings access to his email account, arguing that the Electronic Communications Privacy Act (ECPA) does not permit such access absent an account holder’s consent (Oath Holdings Inc. v. Marianne Ajemian, et al., No. 17-1005, U.S. Sup.).
SAN FRANCISCO — In a March 15 brief in California federal court, two former drivers with Uber Technologies Inc. oppose the ride-hailing service’s latest motion to dismiss their putative class action over a data breach, asserting their standing to pursue unfair competition and negligence claims related to their ex-employer’s purported duty to safeguard their personally identifiable information (PII) that was exposed in the breach (Sasha Antman v. Uber Technologies Inc., et al., No. 3:15-cv-01175, N.D. Calif.).
WASHINGTON, D.C. — The settlement of a privacy class action over search query referrer headers appropriately included a payment of $5.3 million to privacy advocate cy pres recipients, Google LLC and the class representatives argue in a pair of March 9 briefs, urging the U.S. Supreme Court to deny a petition for certiorari filed by two class members who had objected to the settlement as collusive and not of benefit to the class (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).
NEW ORLEANS — A Fifth Circuit U.S. Court of Appeals panel on March 14 held that a federal judge in Mississippi did not err when refusing to hold separate trials for claims brought against two consultants who created fake claimants for benefits under the Deepwater Horizon Economic and Property Damages settlement, finding that the defendants were not prejudiced by their co-defendants’ defenses (United States of America v. Gregory P. Warren, et al., No. 16-60843, 5th Cir., 2018 U.S. App. LEXIS 6352).
SAN FRANCISCO — Five months after preliminarily approving settlement of claims brought against Seagate Technology LLC by a class of employees over a 2016 phishing incident that exposed their personally identifiable information (PII), a California federal judge on March 14 granted final approval to the settlement, as well as to incentive and attorney fee awards (Everett Castillo, et al. v. Seagate Technology LLC, No. 3:16-cv-01958, N.D. Calif.).
MINNEAPOLIS — A Minnesota federal judge on March 7 dismissed with prejudice a multidistrict litigation case accusing two supermarket chains of failing to protect customers’ personal identifying information (PII) after their payment-processing network system was breached by hackers, finding that the plaintiffs were unable to amend their complaint to allege standing and injury (In Re: SuperValu, Inc., No. 14-2586, D. Minn., 2018 U.S. Dist. LEXIS 36944).
SAN JOSE, Calif. — In her second ruling addressing a motion by Yahoo! Inc. to dismiss a putative class action over data breaches that exposed users’ personally identifiable information (PII), a California federal judge on March 9 deemed most of the claims sufficiently alleged, while partly dismissing unfair competition, customer records and punitive damages claims (In re: Yahoo! Inc. Customer Data Security Breach Litigation, No. 5:16-md-02752, N.D. Calif.).
SACRAMENTO, Calif. — Home Depot U.S.A. has agreed to pay $27.8 million to resolve allegation brought by the state of California that it violated the Hazardous Waste Control Law (HWCL) and California’s unfair competition law (UCL) by illegally storing and disposing of hazardous wastes at its stores and facilities, according to a March 7 filing in California state court (California v. Home Depot U.S.A., No. RG18893251, Calif. Super., Alameda Co.).
SAN FRANCISCO — Reversing a trial court’s dismissal order, a Ninth Circuit U.S. Court of Appeals panel on March 8 found that customers of Zappos.com Inc. have standing under Article III of the U.S. Constitution to sue the online retailer over a 2012 data breach based on the risk of identity theft from the exposure of their personally identifiable information (PII) (In re Zappos.com Inc. Customer Data Security Breach Litigation, No. 16-16860, 9th Cir., 2018 U.S. App. LEXIS 5841).
CHICAGO — An Illinois federal judge on March 5 dismissed the federal claim brought by two fitness phone application users in a class complaint over unauthorized collection of their data, narrowed their state claim and recommended two possible alternative federal statutes under which the plaintiffs could file a claim (Jessica Vasil, et al. v. Kiip, Inc., No. 16-9937, N.D. Ill., 2018 U.S. Dist. LEXIS 35573).
SAN FRANCISCO — In a March 6 stipulation filed in California federal court, Google LLC and a putative class announced that they have preliminarily settled privacy claims related to personal payload data collected during Google’s Street View photographing efforts, informing the court that a preliminary settlement agreement would be forthcoming (In re Google LLC Street View Electronic Communications Litigation, No. 3:10-md-02184, N.D. Calif.).
PHILADELPHIA — Pennsylvania Attorney General (AG) Josh Shapiro on March 5 filed suit against Uber Technologies Inc. in Pennsylvania state court, alleging violation of state consumer protection and notification laws in the ride-sharing service’s yearlong delay in informing its drivers in the commonwealth about a 2016 data breach that exposed their personally identifiable information (PII) (Pennsylvania v. Uber Technologies Inc., No. NA, Pa. Comm. Pls., Philadelphia Co.).
BLUEFIELD, W.Va. — A businessowners liability insurer on Feb. 12 moved for judgment on the pleadings in its declaratory judgment lawsuit challenging coverage for seven lawsuits alleging that the insured's employee filed fraudulent tax returns (Ohio Security Insurance Co. v. K R Enterprises, Inc., et al., No. 15-16264, S.D. W.Va.).