Mealey's Data Privacy

  • May 26, 2022

    Injunction-Only Agreement In Class Action Over Insurer’s Data Breach Gets Final OK

    ROCHESTER, N.Y. — A long-running consolidated lawsuit over a 2015 data breach experienced by Excellus Health Plan Inc. received final approval on April 29, with a New York federal judge deeming injunctive relief guaranteeing improved cybersecurity practices by the insurer to be appropriate and in accordance with Federal Rule of Civil Procedure 23 and a previous ruling that had certified only a class for injunctive relief.

  • May 26, 2022

    Appeals Of Wawa Data Breach Consumer Class Settlement Consolidated In 3rd Circuit

    PHILADELPHIA — Observing that unresolved jurisdictional questions remain over whether a trial court’s final approval of a settlement in the consolidated class action over Wawa Inc.’s 2019 data breach constituted a final, appealable order, a Third Circuit U.S. Court of Appeals clerk on May 24 allowed two appeals by objectors to the settlement to proceed in a consolidated fashion.

  • May 26, 2022

    Preliminary Approval Sought For $63 Million Settlement Of OPM Data Breach Suit

    WASHINGTON, D.C. — After almost seven years of litigation, two government employee labor unions and a group of past and present government employees filed a motion in District of Columbia federal court on May 6, seeking preliminary approval of a proposed $63 million settlement of their Privacy Act claims over a 2015 data breach experienced by the U.S. Office of Personnel Management (OPM).

  • May 25, 2022

    The Gap’s Rehearing Window Extended In 9th Circuit Data Breach Arbitration Row

    PASADENA, Calif. — A Ninth Circuit U.S. Court of Appeals panel on May 23 granted a deadline extension motion by The Gap Inc., giving the retailer an additional 30 days to seek rehearing of a ruling that rebuffed its quest to invoke a credit card agreement arbitration clause in a lawsuit over a data breach, in which the panel concluded that the clothing store chain, as a nonparty to the agreement, was not entitled to claim the benefits of the clause.

  • May 25, 2022

    9th Circuit Denies Years-Old Rehearing Petition In Suit Over National Security Letters

    SAN FRANCISCO — More than 4-1/2 years after two electronic communications service providers (ECSPs) asked the Ninth Circuit U.S. Court of Appeals to rethink its 2017 decision upholding the constitutionality of the nondisclosure requirement of national security letters (NSLs) used by the Federal Bureau of Investigation to gather information on their customers, a panel on May 11 denied rehearing or rehearing en banc.

  • May 24, 2022

    Microsoft, Amazon Deny Any Violation Of Illinois Biometric Law

    SEATTLE — In summary judgment motions filed May 19 in parallel lawsuits in Washington federal court, Microsoft Corp. and Inc. argue that they cannot be found liable under Illinois’ Biometric Information Privacy Act (BIPA) for downloading a dataset of facial scans because none of the accused acts took place in Illinois and because they had no knowledge that the photos were not public domain or that the collection included scans of Illinois residents.

  • May 24, 2022

    Saudi Dissident’s Claims Over Hacked Twitter Account Dismissed As Time-Barred

    SAN FRANCISCO — A political dissident from Saudi Arabia saw his privacy, contractual and unfair competition lawsuit against Twitter Inc. over the hacking and suspension of his account dismissed May 20 by a California federal judge, who found the plaintiff’s claims to be barred by the statute of limitations and the immunity provision of the Communications Decency Act (CDA).

  • May 20, 2022

    Defendants In Bitcoin Theft, Data Breach Suit Seek Dismissal, Arbitration

    SAN FRANCISCO — A retirement solutions company and a cryptocurrency exchange filed motions in California federal court on May 17 seeking, respectively, dismissal of and arbitration of a California man’s negligence claims over a February hacking incident that led to the theft of customers’ financial assets and personally identifiable information (PII).

  • May 20, 2022

    Spyware Firm Asks High Court To Clarify Sovereign Immunity For Private Entities

    WASHINGTON, D.C. — The Foreign Sovereign Immunities Act (FSIA) does not clearly exclude sovereign immunity for private entities that, like it, act as agents for foreign states, an Israeli-owned spyware firm tells the U.S. Supreme Court in a May 16 reply brief supporting its petition for certiorari, asking the high court to offer guidance on this matter that it says has split the circuits.

  • May 19, 2022

    9th Circuit Orders Briefs On State Secrets Privilege In Remanded Surveillance Suit

    SAN FRANCISCO — Two months after the U.S. Supreme Court ruled that the Foreign Intelligence Surveillance Act (FISA) does not displace the state secrets privilege, a Ninth Circuit U.S. Court of Appeals panel on May 10 directed the Federal Bureau of Investigation and a group of Muslim Americans who sued over domestic surveillance to submit briefs on questions about application of the privilege that the appeals court should address on remand.

  • May 13, 2022

    NSA To High Court:  State Secrets Privilege Barred Discovery In Surveillance Suit

    WASHINGTON, D.C. — The National Security Agency (NSA) and other governmental parties tell the U.S. Supreme Court in a May 10 brief that two of its recent rulings confirmed that the Ninth Circuit U.S. Court of Appeals correctly found that the state secrets privilege barred a group of petitioners from obtaining classified surveillance documents that they sought to establish their standing to pursue constitutional and wiretap claims against the government, thus meriting denial of their petition for certiorari.

  • May 10, 2022

    Ill. High Court Amicus Briefs Support Worker’s Arguments In Fingerprint Scan Case

    SPRINGFIELD, Ill. — Three separate amicus curiae briefs filed April 19 in the Illinois Supreme Court present arguments supporting the position of a restaurant worker in a certified question from the Seventh Circuit U.S. Court of Appeals regarding the accrual of claims under the Illinois Biometric Privacy Act (BIPA) in a putative class complaint.

  • May 10, 2022

    7 Classes Certified For Bellwether Claims In Marriott Data Breach Suit

    GREENBELT, Md. — A Maryland federal judge on May 3 partly granted a class certification motion filed by the consumer plaintiffs in a class action over the massive data breach experienced by Marriott International Inc., combining and revising some of the plaintiffs’ proposed classes to certify seven state-specific classes related to existing bellwether claims.

  • May 09, 2022

    Opt-Outs, Objections Argued As Court Mulls Final OK Of TikTok Privacy MDL

    CHICAGO — In a May 4 reply brief, a group of multidistrict litigation plaintiffs ask an Illinois federal court to reject as meritless four objections to a $92 million settlement of privacy claims against TikTok Inc. and grant final approval.

  • May 06, 2022

    U.S., Railway Battle Over Privacy In Libby, Mont., Asbestos-Screening Lawsuit

    MISSOULA, Mont. — The United States on April 21 told a judge that federal law protects private Medicare and Social Security information and argued that the information would become relevant to a railway’s case against a Libby, Mont., asbestos screening company only in the event that the court awarded damages.  But in an April 28 reply in support of its second motion to compel, the railway said any privacy issues can be remedied by subjecting the relevant evidence to an existing protective order.

  • May 06, 2022

    WhatsApp To High Court: No Sovereign Immunity For Private Foreign Entities

    WASHINGTON, D.C. — The Foreign Sovereign Immunities Act (FSIA) extends sovereign immunity to foreign-state-owned entities, not private entities, WhatsApp Inc. tells the U.S. Supreme Court in a May 3 brief opposing an Israeli spyware firm’s petition of certiorari appealing the denial of its motion to quash computer fraud claims brought against it by WhatsApp.

  • April 29, 2022

    Judge: Phone Company’s Failure To Stop $466K Crypto Hack Didn’t Violate UCL

    SAN FRANCISCO — A California federal judge on April 27 dismissed in part a man’s lawsuit accusing a cellular service provider of violating California’s unfair competition law (UCL) and federal statutes by failing to protect his phone’s private data from hackers who used his data to access and steal his cryptocurrency holdings worth $466,000.

  • April 28, 2022

    Panel Affirms City’s Contingency Fees With Law Firms For UCL Suit Over Data Leak

    SAN DIEGO — A California appellate panel on April 26 affirmed San Diego’s contingency fee arrangement with three private law firms hired for a suit against a data analytics company accused of violating California’s unfair competition law (UCL) by allegedly allowing a Vietnamese hacker access to the personal information of more than 400,000 California residents, finding that the arrangement doesn’t violate standards of neutrality or the UCL.

  • April 28, 2022

    Plaintiffs Seek Final Approval Of $92 Million TikTok App Privacy Class Action

    CHICAGO — Six months after an Illinois federal judge preliminarily approved an agreement that would settle a privacy multidistrict litigation accusing TikTok Inc. of collecting user data without permission, the plaintiffs on March 31 moved for final approval, calling the settlement’s $92 million settlement fund and injunctive relief “an excellent result.”

  • April 26, 2022

    Alleged Misstatements In Marriott Data Breach Investor Suit Properly Dismissed

    RICHMOND, Va. — A federal district court did not err in dismissing investor claims against hotelier Marriott International Inc. and certain of its executive officers and members of its audit committee stemming from a major breach of sensitive guest data by hackers because the lead plaintiff in the action failed to sufficiently plead any actionable misstatements or omissions in making its federal securities law claims, a Fourth Circuit U.S. Court of Appeals panel ruled April 21 in affirming.

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.