Mealey's Data Privacy

  • January 24, 2018

    Plaintiffs’ Claims Against Insurer Reinstated In Data Breach Class Action

    ROCHESTER, N.Y. — In light of a Second Circuit U.S. Court of Appeals ruling and newly submitted evidence suggesting potential criminal misuse of policyholders’ personally identifiable information (PII), which was stolen in a breach of their insurer’s network, a New York federal judge on Jan. 19 found that sufficient allegations of injury from the risk of future identity theft merited reconsideration of her previous decision to dismiss claims brought by some of the plaintiffs in a putative class action against the insurer (Matthew Fero, et al. v. Excellus Health Plan Inc., et al., No. 6:15-cv-06569, W.D. N.Y., 2018 U.S. Dist. LEXIS 8999).

  • January 22, 2018

    Washington State Sues Motel 6, Alleges It Provided Guest Lists To ICE Agents

    SEATTLE — Washington State Attorney General Bob Ferguson announced in a press release that the state sued Motel 6 on Jan. 3 in the King County Superior Court, alleging that the national hotel chain voluntarily provided guest lists to agents of U.S. Immigration and Customs Enforcement (ICE) on a routine basis for at least two years (Washington v. Motel 6 Operating LP, Wash. Super., King Co.).

  • January 22, 2018

    Wendy’s Opposes Class Certification Of Customers In Data Breach Suit

    ORLANDO, Fla. — Customers suing over a 2015/2016 data breach at fast food franchises have proposed class definitions that are “fundamentally flawed,” have failed to show that there is common evidence and haven’t proven any risk of future harm, Wendy’s International LLC argues in its opposition to a motion for class certification filed Jan. 16 in a Florida federal court (Jonathan Torres, et al. v. Wendy’s International, LLC, No. 16-210, M.D. Fla.).

  • January 22, 2018

    U.S. Supreme Court Denies Follow-Up Certiorari In Spokeo

    WASHINGTON, D.C. — The U.S. Supreme Court on Jan. 22 denied a petition for certiorari filed by an online data aggregator seeking review of a follow-up question related to standing under Article III of the U.S. Constitution that it claimed was not resolved in a 2016 ruling by the Supreme Court in the same case (Spokeo Inc. v. Thomas Robins, No. 17-806, U.S. Sup.).

  • January 19, 2018

    Connecticut High Court: Health Care Provider Owed Patient Confidentiality

    HARTFORD, Conn. — A Connecticut trial court erred when it ruled for a health care provider, finding that it did not owe its patient a common-law duty of confidentiality when responding to a subpoena, the Connecticut Supreme Court ruled Jan. 16 (Emily Byrne v. Avery Center for Obstetrics and Gynecology, P.C., SC 19873, Conn. Sup., 2018 Conn. LEXIS 20).

  • January 18, 2018

    Aetna Will Pay $17 Million To End Privacy Class Suit By HIV Patients

    PHILADELPHIA — Aetna Inc. and related entities (Aetna, collectively) have agreed to pay $17,161,200 to settle privacy claims by more than 13,400 class members whose HIV status was revealed by the insurer through an indiscreet mailing, according to a motion for preliminary approval of a class action settlement filed Jan. 16 (Andrew Beckett, et al. v. Aetna, Inc., et al., No. 17-3864, E.D. Pa.).

  • January 16, 2018

    Microsoft To Supreme Court: SCA Does Not Permit Seizure Of Foreign-Stored Emails

    WASHINGTON, D.C. — In a Jan. 11 respondent brief, Microsoft Corp. asks the U.S. Supreme Court to affirm the Second Circuit U.S. Court of Appeals’ finding that the Stored Communications Act (SCA) does not permit the government to seize, via warrant, emails that are stored abroad, arguing that altering of the 30-year old statute’s reach to address such modern technological matters should be handled via legislation, not litigation (United States v. Microsoft Corp., No. 17-2, U.S. Sup.).

  • January 11, 2018

    Parties Debate Whether Follow-Up Certiorari Is Merited In FCRA Article III Dispute

    WASHINGTON, D.C. — In a Jan. 3 reply brief supporting its certiorari petition, an online data aggregator that has twice received adverse rulings on a Fair Credit Reporting Act (FCRA) complaint against it asks the U.S. Supreme Court to grant review to address a follow-up question pertaining to standing under Article III of the U.S. Constitution that it says was not resolved in a 2016 ruling by the high court in the same case (Spokeo Inc. v. Thomas Robins, No. 17-806, U.S. Sup.).

  • January 11, 2018

    Consolidated Equifax Suit To Have Separate Consumer, Financial Institution Tracks

    ATLANTA — A month after almost 100 lawsuits over the recently announced Equifax Inc. data breach were consolidated, the presiding Georgia federal judge, in a Jan. 9 case management order, announced that the case would proceed with separate, concurrent tracks for individual consumer and financial institution (FI) plaintiffs (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).

  • January 09, 2018

    Insurer Says No Coverage Due In Yahoo Email Scanning Suits

    SAN JOSE, Calif. — A commercial general liability (CGL) insurer on Jan. 4 moved for summary judgment in California federal court in a coverage dispute with Yahoo! Inc., arguing that its duty to indemnify was never triggered in underlying privacy lawsuits over the internet firm’s former email-scanning practices because no damages award was levied against Yahoo (Yahoo! Inc. v. National Union Fire Insurance Company of Pittsburgh, Pa., No. 5:17-cv-00489, N.D. Calif.).

  • January 08, 2018

    Google Buzz Class Action Settlement Objector Denied Certiorari Bid

    WASHINGTON, D.C. — In its Jan. 8 order list, the U.S. Supreme Court denied a petition for certiorari by a man who claimed to have opted out of the 2011 settlement of a privacy class action against Google Inc. over its now-defunct Google Buzz feature, letting stand a Ninth Circuit U.S. Court of Appeals ruling affirming dismissal of the suit under the doctrine of res judicata (Michael Amalfitano v. Google Inc., No. 17-358, U.S. Sup.).

  • January 05, 2018

    Magistrate Judge Denies Gynecologist’s Request For Grand Jury Instructions

    BOSTON — A gynecologist accused of wrongfully providing a pharmaceutical drug sales representative access to patients’ confidential health information cannot have access to instructions provided to two grand juries, a federal magistrate judge in Massachusetts ruled Jan. 3, holding that the information could not support her claim for vindictive prosecution (United States of America v. Rita Luthra, No. 15-cr-30032, D. Mass., 2018 U.S. Dist. LEXIS 604).

  • January 04, 2018

    Coverage Row Over Unlawful Disclosure Claims Against Doctor Argued In 1st Circuit

    BOSTON — A federal court correctly determined that, based on terms in a professional liability policy, an insurer has no duty to defend an insured doctor against claims by his ex-wife that he unlawfully disclosed her confidential health care information, the insurer tells the First Circuit U.S. Court of Appeals in a Nov. 22 response brief (Medical Mutual Insurance Company of Maine, Inc. v. Douglas Burka, 17-1872, 1st Cir.).

  • January 04, 2018

    Hospital Sued By Former Employee Over Use, Disclosure Of Fingerprints

    CHICAGO — An Illinois man filed a class complaint on Dec. 21 in an Illinois state court accusing a Chicago hospital of violating state law by collecting, storing and disclosing employees’ fingerprints and then failing to destroy the data when employment ends (Corey Heard, et al. v. St. Bernard Hospital, et al., No. 2017-CH-16828, Ill. Cir., Cook Co.).

  • January 03, 2018

    Data Breach Victims Ask High Court To Deny CareFirst’s Article III Petition

    WASHINGTON, D.C. — An appeals court correctly found that they plausibly alleged an injury-in-fact due to a breach of their insurer’s network and the theft of their personally identifiable information (PII), a group of insureds tell the U.S. Supreme Court in a Jan. 2 brief opposing the insurer’s petition for certiorari challenging their standing under Article III of the U.S. Constitution (CareFirst Inc., et al. v. Chantal Attias, et al., No. 17-641, U.S. Sup.).

  • January 02, 2018

    D.C. Circuit Affirms Denial Of Injunction In Suit Over Voter Info Collection

    WASHINGTON, D.C. — A civil liberties organization failed to establish standing to sue over a federal governmental advisory committee’s request for voter information from the states, a District of Columbia Circuit U.S. Court of Appeals panel majority ruled Dec. 26, upholding a trial court’s denial of a preliminary injunction that would halt collection of the information (Electronic Privacy Information Center v. Presidential Advisory Commission on Election Integrity, et al., No. 17-5171, D.C. Cir., 2017 U.S. App. LEXIS 26535).

  • December 22, 2017

    Federal Judge Partly Grants Motion For Protective Order In Wrongful Death Dispute

    BALTIMORE — In accordance with the Health Insurance Portability and Accountability Act (HIPAA) and its implanting regulations, a Maryland federal judge on Dec. 19 issued a disclosure order authorizing health care providers to disclose a decedent’s protected health information in the presence of plaintiff’s counsel in a wrongful death and negligence lawsuit and also issued a qualified protective order authorizing third parties to disclose the decedent’s protected health information pursuant to traditional discovery mechanisms (Gwendolyn Lynch v. SSC Glen Burnie Operating Company, LLC, No. 17-1328, D. Md., 2017 U.S. Dist. LEXIS 208948).

  • December 20, 2017

    Suits Over NSA Data Collection Dismissed For Lack Of Jurisdiction

    WASHINGTON, D.C. — Although a District of Columbia federal judge applauded a group of plaintiffs’ efforts to champion constitutional rights allegedly violated by the National Security Agency’s (NSA’s) bulk metadata collection program, he nevertheless found it necessary to dismiss their lawsuits against the government for lack of jurisdiction in a Nov. 21 ruling, in light of the subsequent expiry of the USA Patriot Act, which changed the facts of the case (Larry Elliott Klayman, et al. v. National Security Agency, et al., Nos. 1:13-cv-00851 and 1:13-cv-00881, D. D.C., 2017 U.S. Dist. LEXIS 193267).

  • December 20, 2017

    Home Depot Appeals $15.3 Million Attorney Fees Award In Data Breach Suit

    ATLANTA — In a Dec. 18 brief in the 11th Circuit U.S. Court of Appeals, Home Depot Inc. appeals what it describes as a “staggering” attorney fees award granted to a group of financial institutions (FIs) that sued over the retailer’s 2014 data breach (Northeastern Engineers Federal, et al. v. Home Depot Inc., et al., No. 17-14741, 11th Cir.).

  • December 20, 2017

    Judge Dismisses Bailment Claim In Suit Over Nationwide Data Breach

    COLUMBUS, Ohio — Adopting a magistrate’s recommendation, an Ohio federal judge on Dec. 13 dismissed the remaining bailment claim alleged against Nationwide Mutual Insurance Co. by two of its policyholders related to a 2012 data breach, with the judge finding that the plaintiffs did not establish that they relinquished control of their personally identifiable information (PII) to the insurer (Mohammad S. Galaria, et al. v. Nationwide Mutual Insurance Co., No. 2:13-cv-00118, S.D. Ohio, 2017 U.S. Dist. LEXIS 205304).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.