Mealey's Data Privacy

  • March 12, 2019

    School District, Employee Settle Suit Over Data Breach Whistleblower Retaliation

    PHOENIX — Five months after a split summary judgment ruling, a school district and a former employee who claims he was fired for exposing negligence that led to multiple data breaches announced that they had settled their remaining claims, leading an Arizona federal magistrate judge to grant dismissal of the case with prejudice on March 7 (Miguel Corzo v. Maricopa County Community College District, et al., No. 2:15-cv-02552, D. Ariz.).

  • March 11, 2019

    Insureds Ask 4th Circuit To Find Insurer Has Duty To Defend Data Breach Suit

    RICHMOND, Va. — A cybersecurity provider insured recently asked the Fourth Circuit U.S. Court of Appeals to reverse a lower federal court’s finding that a commercial general liability insurer has no duty to defend it against underlying personal injury claims arising from a credit card breach involving hotel customers, contending that the lower court “incorrectly applied Florida insurance coverage law” (St. Paul Fire & Marine Insurance Co. v. Rosen Millennium Inc., No. 18-14427, 4th Cir.).

  • March 11, 2019

    3rd Circuit: J. Crew Patron Pleaded No Concrete Identity Theft Harm In FACTA Suit

    PHILADELPHIA — Affirming a trial court’s dismissal of a putative class action against J. Crew Group Inc. under the Fair and Accurate Credit Transactions Act (FACTA), a Third Circuit U.S. Court of Appeals panel on March 8 held that a customer of the retailer failed to plead to any concrete harm in the purported increased risk of identity theft from the printing of 10 digits from his credit card number on his receipts (Ahmed Kamal v. J. Crew Group Inc., et al., No. 17-2345 and 17-2453, 3rd Cir., 2019 U.S. App. LEXIS 7053).

  • March 11, 2019

    Arizona Judge Finds No Expectation Of Privacy In IP Address, Subscriber Info

    TUCSON, Ariz. — Finding that an internet user’s internet protocol (IP) address is information that is publicly available and shared with many parties, an Arizona federal judge on March 7 ruled that a man indicted on federal child pornography charges had no reasonable expectation of privacy in his IP address or in the subscriber information supplied by his internet service provider (ISP), adopting a magistrate’s recommendation to deny the indictee’s motion to suppress the information (United States v. Michael James McCutchin, No. 4:17-cr-01517, D. Ariz., 2019 U.S. Dist. LEXIS 36811).

  • March 11, 2019

    Plaintiffs Seek Attorney Fee, Service Awards In Experian Data Breach Class Action

    SANTA ANA, Calif. — Three months after a judge preliminarily approved their settlement with Experian Information Solutions Inc. over a 2015 data breach, the plaintiffs filed a motion in California federal court on March 6 requesting service awards for the named plaintiffs, as well as awards of attorney fees and litigation costs (In Re Experian Data Breach Litigation, No. 8:15-cv-01592, C.D. Calif.).

  • March 08, 2019

    Imaging Firm Says Discovery In Contract Suit Is Irrelevant, Would Violate GDPR

    WILMINGTON, Del. — An Irish-based medical imaging company argues in a March 5 brief in Delaware court that documents sought in discovery by a former manufacturing partner in a motion to compel are not only irrelevant to the contractual dispute between them but also that  producing them could potentially violate the stringent privacy standards of Europe’s General Data Protection Regulation (GDPR) (Guerbet Ireland Unlimited Co., et al. v. SpecGX LLC, No. N18C-05-159, Del. Super.).

  • March 07, 2019

    Native American Tribes Request Separate Track In Equifax Data Breach Suit

    ATLANTA — Three Native American tribes that saw their claims against Equifax Inc. transferred and centralized in Georgia federal court along with hundreds of other similar suits filed a motion March 1 asking the court to establish a separate track in the litigation for tribal governments’ claims against the company, citing unique issues of law and sovereignty (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).

  • March 07, 2019

    9th Circuit Finds Murder Suspect’s Cell-Site Data Was Acquired In Good Faith

    SAN DIEGO — Although a Ninth Circuit U.S. Court of Appeals panel majority found that law enforcement personnel lacked probable cause to obtain the cell-site location information (CSLI) for a man who was indicted for a murder, it held in a March 4 ruling that the officer’s good faith reliance on a court-issued warrant overcame the probable cause deficiency (United States v. Antonio Gilton, et al., No. 16-10109, 9th Cir., 2019 U.S. App. LEXIS 6507).

  • March 01, 2019

    FTC Settles Children’s Privacy Violations By Musical.ly For $5.7 Million

    LOS ANGELES — The Federal Trade Commission (FTC) on Feb. 27 filed a proposed, stipulated order in California federal court, announcing that it had settled claims against online video social network operator Musical.ly for violation of the Children’s Online Privacy Protection Act (COPPA) for an amount of $5.7 million (United States v.  Musical.ly, et al., No. 2:19-cv-01439, C.D. Calif.).

  • February 27, 2019

    Google Defends 7th Circuit Appeal Of Biometric Privacy Ruling In Its Favor

    CHICAGO — In a Feb. 25 jurisdictional memorandum, Google LLC explains that its cross-appeal of a ruling in its favor that dismissed claims over Google’s facial recognition photo-tagging feature is necessary because it intends to advance an alternative argument for affirmance, telling the Seventh Circuit U.S. Court of Appeals that a trial court should have dismissed the claims brought under Illinois’ Biometric Information Privacy Act (BIPA) for failure to state a claim (Lindabeth Rivera v. Google LLC, Nos. 19-1182 and 19-1242, 7th Cir.).

  • February 26, 2019

    Facebook User Defends Privacy Claims In Location-Tracking Lawsuit

    SAN FRANCISCO — Characterizing Facebook Inc. as a “relentless digital spy,” a California man on Feb. 22 opposed the social network’s motion to dismiss privacy claims over its purported practice of tracking users’ locations even after they opted out of such tracking in their account settings, asserting that this violation of his privacy rights constitutes a concrete injury that establishes his standing under Article III of the U.S. Constitution (Brett Heeger v. Facebook Inc., No. 3:18-cv-06399, N.D. Calif.).

  • February 26, 2019

    Delta Customer Alleges Computer Fraud After 2017 Data Breach

    LOS ANGELES — After a putative class action against Delta Air Lines Inc. over a 2017 data breach was denied centralization with similar suits and was transferred from Georgia to California federal court, the lead plaintiff on Feb. 22 filed a first amended complaint against the airlines and a data support company, adding new claims for computer fraud and illegal access (Teresa J. McGarry v. Delta Air Lines Inc., et al., No. 2:18-cv-09827, C.D. Calif.).

  • February 25, 2019

    NSA, Wikimedia Argue Standing, Injury In Upstream Surveillance Lawsuit

    BALTIMORE — In a Feb. 15 reply brief supporting its summary judgment motion, the National Security Agency (NSA) tells a Maryland federal court that Wikimedia Foundation has failed to offer any admissible, nonprivileged evidence that any of its communications were intercepted in the agency’s upstream surveillance program, defeating its standing to bring constitutional claims against the government (Wikimedia Foundation v. National Security Agency, et al., No. 1:15-cv-00662, D. Md.).

  • February 22, 2019

    Discovery Of U.K. Emails In Patent Suit Won’t Violate GDPR, Magistrate Rules

    SAN FRANCISCO— A technology firm that is the defendant in a patent infringement lawsuit failed to establish that producing emails of an employee in the United Kingdom would violate the privacy protections of Europe’s General Data Protection Regulation (GDPR), a California federal magistrate judge ruled Feb. 14, finding the requested emails to be relevant to the suit and the plaintiff’s requests to not be overbroad (Finjan Inc. v. Zscaler Inc., No. 3:17-cv-06946, N.D. Calif., 2019 U.S. Dist. LEXIS 24570).

  • February 20, 2019

    Final Approval Sought For $8.3 Million Lenovo Adware Class Settlement

    SAN JOSE, Calif. — Three months after a California federal judge preliminarily approved an $8.3 million settlement with Lenovo (United States) Inc. over its use of intrusive adware, a consumer class on Feb. 14 moved for final approval of the agreement that would settle their privacy and computer fraud claims against the computer manufacturer (In Re:  Lenovo Adware Litigation, No. 3:15-md-02624, N.D. Calif.).

  • February 15, 2019

    Wendy’s Agrees To $50M Class Settlement After Franchisees Were Hacked

    PITTSBURGH — A fast food chain has agreed to pay $50 million to settle financial institutions’ class claims against its franchisees in connection with a data breach first reported in 2016, according to a motion for preliminary settlement approval filed Feb. 13 in a Pennsylvania federal court (First Choice Federal Credit Union, et al. v. The Wendy’s Company, et al., No. 16-506, W.D. Pa.).

  • February 14, 2019

    7th Circuit: No Jurisdiction In Newspaper’s Appeal Over DMV Records Publication

    CHICAGO — A Seventh Circuit U.S. Court of Appeals panel on Feb. 12 dismissed, for lack of jurisdiction, a newspaper’s appeal of a trial court ruling that found it liable under the Driver’s Privacy Protection Act (DPPA) for publishing information about Chicago Police Department (CPD) officers that it obtained from the Department of Motor Vehicles (DMV), finding that the underlying judgment did not sufficiently address what relief was awarded to the prevailing officers (Hugh Gallagly, et al. v. Sun-Times Media LLC, No. 18-3101, 7th Cir.).

  • February 14, 2019

    Facebook Defends Appeal Of Biometric Class Certification Ruling To 9th Circuit

    SAN FRANCISCO — In a Feb. 11 brief filed in the Ninth Circuit U.S. Court of Appeals, Facebook Inc. responds to a motion to dismiss its appeal of a trial court’s certification of a class suing it for violation of an Illinois biometric privacy law, disputing the plaintiffs’ assertion that a recent Illinois Supreme Court ruling on the statute resolved the issues on appeal (In re Facebook Biometric Information Privacy Litigation, No. 18-15982, 9th Cir.).

  • February 14, 2019

    Federal Class Claims Against Port Authority Alleging Taped Medical Exams To Proceed

    NEW YORK — A New York federal judge on Feb. 12 declined to dismiss federal class claims against the Port Authority of New York and New Jersey alleging that it records medical exams of employees without their consent (Charlese Talarico, et al. v. The Port Authority of New York and New Jersey, No. 18-909, S.D. N.Y., 2019 U.S. Dist. LEXIS 22766).

  • February 13, 2019

    ACLU, Washington Post Denied Access To Filings Over DOJ’s Facebook Call Wiretaps

    FRESNO, Calif. — A California federal judge on Feb. 11 denied motions by the American Civil Liberties Union (ACLU) and the Washington Post to unseal court filings in a case where the U.S. Department of Justice (DOJ) reportedly sought to compel Facebook Inc. to provide it with access to users’ private calls made via the social network, with the judge concluding that the need to maintain confidentiality in crime fighting techniques outweighed any public right of access to the records (In re U.S. Department of Justice Motion to Compel Facebook to Provide Technical Assistance in Sealed Case, Opinion and Order Issued in or About September 2018, No. 1:18-mc-00057, E.D. Calif., 2019 U.S. Dist. LEXIS 21931).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.