Mealey's Data Privacy

  • May 11, 2020

    TikTok Hit With Class Complaints Over Collection Of Minors' Biometrics

    SAN FRANCISCO — With the May 8 filing of a putative class complaint in California federal court by a group of minors, social network app company TikTok Inc. has been sued in three lawsuits for violating the Illinois Biometric Information Privacy Act (BIPA) for the surreptitious collection and retention of users’ biometric identifiers without consent or notice (P.S., et al. v. TikTok Inc., et al., No. 3:20-cv-02992, N.D. Calif., E.R., et al. v. TikTok Inc., et al., No. 1:20-cv-02810, N.D. Ill.; D.M., et al. v. TikTok Inc., et al., No. 3:20-cv-03185, N.D. Calif.).

  • May 08, 2020

    Capital One Opposes Production Of Consultant Report In Data Breach Lawsuit

    ALEXANDRIA, Va. — On May 6, Capital One Financial Corp. filed its opposition to a motion to compel production of a report by a cybersecurity firm after the credit card company’s 2019 data breach, telling a Virginia federal court that the report constitutes protected work product because it was prepared to assist Capital One’s counsel in defending against the present litigation brought by consumers over the exposure of their data in the breach (In re Capital One Customer Data Security Breach Litigation, No. 1:19-md-02915, E.D. Va.).

  • May 08, 2020

    Illinois Sheriff Sues For Release Of COVID-19 Infectees’ Names, Addresses

    WAUKEGAN, Ill. — The sheriff of Lake County, Ill., filed a declaratory complaint against the county’s health department on April 28, asking an Illinois state court to find that law enforcement and emergency response personnel are entitled to the names and addresses of residents that have tested positive for COVID-19, arguing that state and federal law support the release of such private personal data during a public health emergency (John Idleburg v. Mark Pfister, et al., No. 20MR0000269, Ill. Cir., Lake Co.).

  • May 08, 2020

    Wyoming Couple Settles Computer Spyware Suit With Rent-To-Own Franchisee

    ERIE, Pa. — A nine-year old privacy lawsuit over a rent-to-own (RTO) dealer’s surreptitious installation of spyware on customers’ computers came to an end May 5, when a Pennsylvania federal judge approved and signed a stipulation of dismissal the same day it was filed by the plaintiffs (Crystal Byrd, et al. v. Aaron’s Inc., et al., No. 1:11-cv-00101, W.D. Pa.).

  • May 06, 2020

    7th Circuit:  Vending Machine Fingerprint Collection Row Belongs In Federal Court

    CHICAGO — Putative class claims for violations of the Illinois Biometric Information Privacy Act (BIPA) via vending machines’ collection of users’ fingerprints sufficiently allege concrete and particularized invasions of personal rights to establish federal jurisdiction under Article III of the U.S. Constitution, a Seventh Circuit U.S. Court of Appeals panel ruled May 5, reversing a trial court’s grant of the plaintiff’s motion to remand to state court (Christine Bryant v. Compass Group USA Inc., No. 20-1443, 7th Cir., 2020 U.S. App. LEXIS 14256).

  • May 06, 2020

    Judge Won’t Compel Release Of COVID-19 Information To First Responders

    CHICAGO — An Illinois judge on May 1 declined to require a state health department to provide a list of residents infected with COVID-19 to an emergency dispatch company, denying the plaintiff’s motion for a temporary restraining order (TRO) or preliminary injunction compelling disclosure due to a failure to establish a right to the information sought and out of a concern for citizens’ privacy rights (Northwest Central Dispatch System v. Cook County Department of Public Health, et al., No. 2020 CH 03914, Ill. Cir., Chanc. Div., Cook Co.).

  • May 05, 2020

    Final Approval Sought For $1.6M Settlement Of Neiman Marcus Data Breach Suit

    CHICAGO — The lead plaintiffs in a class action over a 2013 cybersecurity incident experienced by The Neiman Marcus Group LLC moved for final approval of a $1.6 million settlement with the retailer on May 2, asking an Illinois federal judge to deem the agreement “fair, reasonable, and adequate” as she did six months earlier in a preliminary approval ruling (Hilary Remijas, et al. v. The Neiman Marcus Group, LLC, No. 1:14-cv-01735, N.D. Ill.).

  • April 29, 2020

    Home Depot Again Appeals Fees Award In Data Breach Suit Settlement With Banks

    ATLANTA — Nine months after the 11th Circuit U.S. Court of Appeals reversed and remanded a previous attorney fees award connected with Home Depot Inc.’s settlement with a group of financial institutions (FIs) of a class action over a 2014 data breach, the retailer filed an appellant brief on April 27, telling the appeals court that the trial court inappropriately used the percentage methodology in calculating the revised fees award (Northeastern Engineers Federal Credit Union, et al. v. The Home Depot Inc., et al., No. 20-10667, 11th Cir.).

  • April 28, 2020

    8 Privacy Class Complaints Against Zoom Related In California Federal Court

    SAN JOSE, Calif. — One day after the plaintiffs in eight putative class actions against Zoom Video Communications Inc. stipulated that their complaints should be related, a California federal judge on April 24 granted their administrative motion, relating the suits, which all similarly allege that the maker of the popular teleconferencing platform violated privacy and consumer laws by sharing users’ personal details with third parties (Robert Cullen v. Zoom Video Communications Inc., 5:20-cv-02155, N.D. Calif.).

  • April 27, 2020

    Certiorari Denied In Suit Over Privacy Assessments Of Census Citizenship Question

    WASHINGTON, D.C. — In its April 27 order list, the U.S. Supreme Court denied without comment the petition for certiorari by Electronic Privacy Information Center (EPIC), in which the civil liberties organization sought clarification of standing to challenge a government agency’s compliance with statutory disclosure requirements, specifically related to privacy impact assessments (PIAs) for a now-scrapped censorship question on the 2020 U.S. Census (Electronic Privacy Information Center v. Department of Commerce, et al., No. 19-777, U.S. Sup.; 2020 U.S. LEXIS 2421).

  • April 27, 2020

    Judge Approves FTC’s $5 Billion Settlement Of Facebook Privacy Violations

    WASHINGTON, D.C. — Nine months after the Federal Trade Commission sought approval of a $5 billion settlement with Facebook Inc. of the social network’s failure to comply with a 2012 settlement of privacy violations, a District of Columbia federal judge on April 23 granted his approval, deeming the new settlement to be fair and in the public interest, while decrying Facebook’s “stunning” violations of the law and the previous agreement (United States v. Facebook Inc., No. 1:19-cv-02184, D. D.C., 2020 U.S. Dist. LEXIS 72162).

  • April 24, 2020

    Colorado Pharmacy Board Must Provide Patient Records Requested By DEA

    DENVER — Finding that the Drug Enforcement Administration sufficiently established that several years’ worth of patient prescription data it seeks via subpoenas has a reasonable relevance to an investigation over the distribution of controlled substances, a Colorado federal judge on April 21 granted the agency’s request to enforce compliance with the subpoenas by the Colorado Board of Pharmacy, which raised privacy concerns (U.S. Department of Justice, Drug Enforcement Administration v. Colorado Board of Pharmacy, et al., No. 1:19-cv-00105, D. Colo., 2020 U.S. Dist. LEXIS 69726).

  • April 23, 2020

    Walgreens Customer Alleges Negligence Over 2019 Data Breach

    CHICAGO — A Florida woman who says that she was one of the pharmacy customers whose data was exposed by a breach of Walgreen Co.’s website filed a putative class complaint against the drugstore chain on April 21 in Illinois federal court, alleging negligence and invasion of privacy (Laura Hernandez v. Walgreen Co., No. 1:20-cv-02434, N.D. Ill.).

  • April 22, 2020

    Class Complaint Filed Over Data Sharing By Houseparty Group Chat App

    SAN DIEGO — Epic Games Inc. was hit with a class complaint in California federal court on April 17 by a user of its Houseparty app who claims negligence and privacy violations related to the purported sharing of her personally identifiable information (PII) with third parties, notably Facebook Inc., without her consent (Heather Sweeney v. Life On Air Inc., et al., No. 3:20-cv-00742, S.D. Calif.).

  • April 22, 2020

    Plaintiffs In Facebook ‘Tag Suggestions’ Class Action Report Settlement Delay

    SAN FRANCISCO — On the date that a preliminary settlement approval motion was due in a class action alleging biometric collection violations by Facebook Inc., the plaintiffs instead on April 17, filed a status report in California federal court reporting that the parties had experienced delays due, in part, to the novel coronavirus pandemic (In re Facebook Biometric Information Privacy Litigation, No. 3:15-cv-03747, N.D. Calif.).

  • April 21, 2020

    Some Class Claims Over Supermarket Chain’s Data Breach Dismissed

    PEORIA, Ill. — In an April 20 ruling, an Illinois federal judge partly granted Hy-Vee Inc.’s motion to dismiss a putative class action over a data breach it experienced, dismissing breach of contract and unjust enrichment claims as inadequately pleaded and some negligence claims as barred by state law (Noreen Perdue, et al. v. Hy-Vee Inc., No. 1:19-cv-01330, C.D. Ill., 2020 U.S. Dist. LEXIS 68607).

  • April 20, 2020

    Judge Rules Twitter Can’t Publish Transparency Report On Surveillance Involvement

    OAKLAND, Calif. — In a case that she said “underscores the tension between the First Amendment and national security,” a California federal judge on April 17 reversed a three-year old ruling in favor of Twitter Inc., holding that subsequent declarations from Federal Bureau of Investigation personnel demonstrated that information the social network sought to publicly disclose about its mandated compliance with government surveillance requests was classified (Twitter Inc. v. William P. Barr, et al., No. 4:14-cv-04480, N.D. Calif.).

  • April 20, 2020

    U.S. Supreme Court Declines Review Of FINRA Immunity Appeal

    WASHINGTON, D.C. — The U.S. Supreme Court on April 20 declined review of a Ninth Circuit U.S. Court of Appeals panel’s ruling upholding the dismissal of claims brought by two business owners and several businesses they owned stemming from the Financial Industry Regulatory Authority’s (FINRA) seizure of materials and information during a raid of one of the businesses (John Hurry, et al. v. Financial Industry Regulatory Authority Inc., et al., No. 19-643, U.S. Sup.).

  • April 20, 2020

    Penn State’s Producing Of Employee’s Emails Did Not Violate SCA, 3rd Circuit Rules

    PHILADELPHIA — In a “narrow” precedential opinion, a Third Circuit U.S. Court of Appeals panel on April 16 affirmed the dismissal of a Pennsylvania State University employee’s Stored Communications Act (SCA) lawsuit over the production of her emails to law enforcement without a valid subpoena, clarifying that if the university’s production had been induced, rather than voluntary, there may have been liability under the statute (Carol Lee Walker v. Senior Deputy Brian T. Coffey, et al., No. 19-1067, 3rd Cir., 2020 U.S. App. LEXIS 12063).

  • April 17, 2020

    Interlocutory Appeal Denied In Location-Tracking Suit Against Google

    SAN JOSE, Calif. — The plaintiffs suing Google LLC for privacy violations related to the purported tracking of their devices without consent were denied a bid for interlocutory appeal of a December dismissal order on April 15, with a California federal judge finding that they presented no controlling questions of law that would merit the rarely granted form of relief (In re Google Location History Litigation, No. 5:18-cv-05062, N.D. Calif.).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.