Mealey's Data Privacy

  • June 15, 2020

    Airbnb Announces Revised Record Submission Law, Settlement With New York

    NEW YORK — An enjoined New York City ordinance that required online home-sharing platform operators to submit certain homeowner data to the city will be revised in accordance with the city’s settlement of a lawsuit filed by Airbnb Inc. under the Fourth Amendment to the U.S. Constitution, the parties reported in a June 12 letter motion seeking a stay of proceedings in New York federal court (Airbnb Inc. v.  New York, No. 1:18-cv-07712; Inc. v.  New York, No. 1:18-cv-07742, S.D. N.Y.).

  • June 15, 2020

    Banks’ $5.5 Million Settlement Over Equifax Data Breach Preliminarily Approved

    ATLANTA — Three weeks after a group of financial institutions (FIs) announced a $5.5 million settlement with Equifax Inc. over the credit-reporting giant’s 2017 data breach, a Georgia federal judge on June 4 granted preliminary approval to the agreement as being “fair, reasonable, and adequate” and greenlighting the class notification program (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-02800, N.D. Ga.).

  • June 12, 2020

    Facebook Needn’t Produce Full Messenger Source Code In Data-Scraping Suit

    SAN FRANCISCO — A discovery request for all source code related to Facebook Inc.’s Messenger app was deemed too broad by a California federal magistrate judge, who on June 11 instead directed the social network to just submit source code related to the app’s features at issue in the privacy and data access claims over data-scraping activities carried out by the app (Lawrence Olin, et al. v. Facebook Inc., No. 3:18-cv-01881, N.D. Calif.).

  • June 09, 2020

    1st Circuit:  Call Interception Violation Under Wiretap Act Must Be Intentional

    BOSTON— Affirming a trial court’s ruling that reversed the quashing of a subpoena for recordings of an employee’s phone calls, a First Circuit U.S. Court of Appeals panel on June 5 found that the calls were recorded unintentionally and thus did not run afoul of the prohibitions of the Federal Wiretap Act (In re HIPAA Subpoena, No. 19-1424, 1st Cir.).

  • June 09, 2020

    Coverage Not Barred By Invasion Of Privacy Exclusion, Assignee Says To 11th Circuit

    ATLANTA — An insured’s assignee recently asked the 11th Circuit U.S. Court of Appeals to reverse a federal district court’s finding that coverage for an underlying $60,413,112 consent judgment entered against the insured in a Telephone Consumer Protection Act (TCPA) violation dispute is barred by the insurance policy's “invasion of privacy” exclusion (Jacob Horn, et al. v. Liberty Insurance Underwriters, Inc., No. 19-12525, 11th Cir.).

  • June 08, 2020

    Judge:  Defendants In Remanded Google Referrer Header Suit Have Standing

    SAN JOSE, Calif. — One day after a hearing in a remanded privacy suit against Google LLC, a California federal judge on June 5 determined that the plaintiffs sufficiently established their standing under Article III of the U.S. Constitution to allege violations of the Stored Communications Act (SCA) by Google’s purported sharing of their search query terms with third-party website operators (In re:  Google Referrer Header Privacy Litigation, No. 5:10-cv-04809, N.D. Calif., 2020 U.S. Dist. LEXIS 99291).

  • June 05, 2020

    Class Complaint Filed Over Breach Of Wishbone App’s Database

    LOS ANGELES — A former user of the Wishbone app filed a putative class action against the app’s maker in California federal court on June 1, alleging negligence and unfair competition over Mammoth Media Inc.’s purported inadequate security practices, which, he claims, led to a recently announced data breach that resulted in the theft of nearly 40 million users’ personally identifiable information (PII) (Connor Burns v. Mammoth Media Inc., No. 2:20-cv-04855, C.D. Calif.).

  • June 03, 2020

    Google Sued For Tracking Users While In ‘Private Browsing Mode’

    SAN JOSE, Calif. — In a putative class complaint filed June 2 in California federal court, three Google LLC subscribers assert that the technology firm continuously tracks and collects users’ web-browsing information despite their use of “private browsing mode” (Charles Brown, et al. v. Google LLC, et al., No. 5:20-cv-03664, N.D. Calif.).

  • June 02, 2020

    Illinois Man Denied Motion To Intervene In 6 New York Biometric Privacy Suits

    NEW YORK — An Illinois resident who filed the first of several biometric privacy suits over Clearview AI Inc.’s creation of a facial scan database failed in his bid to intervene in six putative class actions against the tech firm in New York federal court on May 29, as a New York federal judge deemed intervention in the noncertified putative class actions “not justified on either mandatory or permissive grounds” due to the movant’s lack of cognizable interest (Mario Calderon, et al. v. Clearview AI Inc., No. 1:20-cv-01296, S.D. N.Y., 2020 U.S. Dist. LEXIS 94926).

  • June 02, 2020

    Federal Judge Seeks Corrections In Corner Bakery Workers’ Private Data Settlement

    CHICAGO — A proposed class settlement worth more than $3.2 million between a restaurant and its workers over claims concerning the employer’s collection of workers’ fingerprints contains several “minor problems” when it comes to class members’ rights to object, a federal judge in Illinois ruled May 28, denying preliminary approval (Ebony Jones v. CBC Restaurant Corp., No. 19-6736, N.D. Ill.).

  • June 01, 2020

    Eavesdropping, Wiretap Claims Over Bose Wireless Headphones Again Dismissed

    CHICAGO — Finding that Bose Corp. is a party to the Bluetooth communications between its wireless products and an app that controls their settings, an Illinois federal judge on May 27 granted the audio company’s motion to dismiss wiretap and eavesdropping class claims against it for the same reasons she had done so more than a year earlier (Kyle Zak v. Bose Corp., No. 1:17-cv-02928, N.D. Ill.).

  • May 29, 2020

    Arizona Sues Google Over ‘Widespread,’ ‘Systemic’ User Location Data Collection

    PHOENIX — Arizona filed a complaint against Google LLC in state court on May 27, accusing the technology giant of violating the Arizona Consumer Fraud Act (CFA) via its “widespread and systemic use of deceptive and unfair business practices to obtain information about the location of its users” to fuel its “lucrative advertising business” (Arizona v. Google LLC, No. CV 2020-006219, Ariz. Super. Maricopa Co.).

  • May 29, 2020

    Capital One Must Provide Consultant’s Report In Data Breach Lawsuit

    ALEXANDRIA, Va. — Capital One Financial Corp. failed to establish that a report prepared by its cybersecurity consultant over a 2019 data breach differed from tasks the consultant would have performed absent the breach, a Virginia federal magistrate judge ruled May 26, deeming the report not to be protected work product and granting motion by a group of the credit card issuer’s customers to compel its production in a multidistrict litigation over the incident (In re Capital One Customer Data Security Breach Litigation, No. 1:19-md-02915, E.D. Va., 2020 U.S. Dist. LEXIS 91736).

  • May 27, 2020

    Intervention, Dismissal, Injunction Debated In Facial Data Collection Lawsuits

    CHICAGO — An Illinois man who filed the first of several privacy lawsuits over the online facial data collection practices conducted by Clearview AI Inc. filed a supplemental brief in New York federal court on May 20, supporting his motion to intervene in five lawsuits in that venue, arguing that a recent development in his suit in Illinois federal court weights in favor of litigating claims against the tech firm in the Illinois court (David Mutnick v. Clearview AI Inc., et al., No. 1:20-cv-00512, N.D. Ill.).

  • May 26, 2020

    Poland Resident Cannot Avoid Discovery Under GDPR In RICO Suit, Judge Rules

    ALLENTOWN, Pa. — A food distributor’s ex-vice president who now resides in Poland cannot invoke the General Data Protection Regulation (GDPR) to escape his discovery duties in a Racketeer Influenced and Corrupt Organizations Act (RICO) suit brought by his former employer, a Pennsylvania federal judge ruled May 21, concluding that the defendant could not meet his burden to establish that the European law bars production from him as a U.S. citizen (Giorgi Global Holdings Inc., et al. v. Wieslaw Smulski, et al., No. 5:17-cv-04416, E.D. Pa., 2020 U.S. Dist. LEXIS 89369).

  • May 22, 2020

    Judge Sends User’s Biometric Collection Claims Against Shutterfly To Arbitration

    CHICAGO — An Illinois federal judge on May 5 found that one of two lead plaintiffs alleging biometric privacy violations in Shutterfly Inc.’s use of facial-recognition technology was bound by the company’s arbitration provision, staying the putative class action brought under the Illinois Biometric Information Privacy Act (BIPA) pending resolution of the arbitration (Vernita Miracle-Pond, et al. v. Shutterfly Inc., No. 1:19-cv-04722, N.D. Ill., 2020 U.S. Dist. LEXIS 86083).

  • May 22, 2020

    Standing, Injury Debated In Remanded Google Referrer Header Privacy Suit

    SAN JOSE, Calif. — Google LLC on May 15 filed a reply supporting its motion to dismiss a case remanded by the U.S. Supreme Court for jurisdictional findings, telling a California federal court that plaintiffs alleging privacy violations under the Stored Communications Act (SCA) for the purported sharing of their search query terms failed to allege the necessary harm to establish standing under Article III of the U.S. Constitution (In re:  Google Referrer Header Privacy Litigation, No. 5:10-cv-04809, N.D. Calif.).

  • May 22, 2020

    Computer Fraud, Negligence Claims In AT&T SIM Swapping Theft Suit May Proceed

    LOS ANGELES — Granting in part a motion to dismiss by AT&T Mobility LLC, a California federal judge on May 18 found that a former customer who was the victim of “SIM swapping” that led to a loss of $1.8 million did not sufficiently plead invasion of privacy and reliance factors to support two of his claims against the wireless carrier (Seth Shapiro v. AT&T Mobility LLC, No. 2:19-cv-08972, C.D. Calif.).

  • May 21, 2020

    Banks Seek Preliminary Approval Of $5.5 Million Equifax Data Breach Settlement

    ATLANTA — Four months after final approval was granted to the settlement of claims brought by consumer plaintiffs over Equifax Inc.’s 2017 data breach, the financial institution (FI) plaintiffs on May 15 asked a Georgia federal court to preliminarily approve the $5.5 million settlement of their claims in the consolidated class action against the credit-reporting company (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-02800, N.D. Ga.).

  • May 21, 2020

    Judge: Southwest Employees’ Fingerprint Data Claims Don’t Belong In Federal Court

    CHICAGO — Putative class claims by four airline employees over the collection and use of their fingerprints don’t belong in federal court, a judge in the U.S. District Court for the Northern District of Illinois ruled May 12, holding that three of the employees must proceed before an adjustment board under the Railway Labor Act (RLA) and that the fourth agreed to arbitration (Darrell Crooms, et al. v. Southwest Airlines Co., No. 19-2149, N.D. Ill., 2020 U.S. Dist. LEXIS 84360).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.