We use cookies on this site to enable your digital experience. By continuing to use this site, you are agreeing to our cookie policy. close

Mealey's Data Privacy

  • September 4, 2018

    Employee: Supreme Court Lacks Jurisdiction To Hear Federal Arbitration Act Appeal

    WASHINGTON, D.C. — The U.S. Supreme Court has no jurisdiction to hear an employer’s appeal of a class arbitration ruling because the original, two-part decision by the trial court was not appealable; however, if the high court decides to reach the merits, it should hold that the Federal Arbitration Act (FAA) doesn’t preempt state law, an employee argues in his respondent brief filed Aug. 30 in the high court (Lamps Plus, Inc., et al. v. Frank Varela, No. 17-988, U.S. Sup.).

  • September 4, 2018

    Google, Privacy Class Defend Cy Pres Settlement In Supreme Court Briefs

    WASHINGTON, D.C. — In a pair of Aug. 29 respondent briefs, Google LLC and a class with which it settled privacy claims tell the U.S. Supreme Court that cy pres settlements, when subject to certain guidelines, are a useful way to settle certain class actions, like the one below, in which distribution of funds to class members is infeasible (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).

  • August 27, 2018

    6th Circuit Upholds Use Of Cell Tower Expert Testimony In Robbery Case

    CINCINNATI — The admittance of expert testimony on the use of cell tower data to track mobile phones of robbery suspects does not taint the convictions of the suspects enough to overcome the wealth of other evidence against them, the Sixth Circuit U.S. Court of Appeals held Aug. 23 (United States v. Shawn Pearson, et al., Nos. 17-1724, 17-1962, 6th Cir., 2018 U.S. App. LEXIS 23797).

  • August 27, 2018

    Southwest Workers’ Biometric Data Class Suit Is Dismissed For Improper Venue

    CHICAGO — An Illinois federal judge on Aug. 23 dismissed a class complaint by airline workers suing over the collection of their biometric data, ruling that their claims are preempted by the Railway Labor Act (RLA) and must be submitted to arbitration (Jennifer Miller, et al. v. Southwest Airlines Co., No. 18-86, N.D. Ill.).

  • August 24, 2018

    Credit Union Must Produce Factual Work Product In Eddie Bauer Data Breach Suit

    SEATTLE — Determining that a credit union placed its communications with certain technical witnesses at issue by citing them in its complaint over Eddie Bauer LLC’s data breach, a Washington federal judge on Aug. 23 deemed the work product privilege waived, leading him to grant in part the retailer’s motion to compel (Veridian Credit Union v. Eddie Bauer LLC, No. 2:17-cv-00356, W.D. Wash., 2018 U.S. Dist. LEXIS 143788).

  • August 22, 2018

    Chipotle, Plaintiffs Object To Magistrate’s Recommendations In Data Breach Suit

    DENVER — Two weeks after a Colorado federal magistrate judge recommended granting in part Chipotle Mexican Grill Inc.’s motion to dismiss a putative class action over a 2017 data breach, both the restaurant chain and the plaintiffs filed objections Aug. 15, raising arguments related to injury, choice of law and the economic-loss doctrine (Todd Gordon, et al. v. Chipotle Mexican Grill Inc., No. 1:17-cv-01415, D. Colo.).

  • August 22, 2018

    California High Court Finds 2 Statutes Applying To Background Checks May Coexist

    SAN FRANCISCO — Two California statutes that apply to background checks performed on school bus drivers may “coexist because both acts are sufficiently clear” and any partial overlap does not render either “superfluous” or “unconstitutionally vague” as each statute “regulates information that the other does not,” the California Supreme Court ruled Aug. 20 (Eileen Connor v. First Student, Inc., et al., No. S229428, Calif. Sup., 2018 Cal. LEXIS 6266).

  • August 22, 2018

    7th Circuit: Smart Meter Data Collection Is 4th Amendment Search, But Reasonable

    CHICAGO — Although a Seventh Circuit U.S. Court of Appeals panel on Aug. 16 found that electric usage data collection via smart meters qualifies as a search under the Fourth Amendment to the U.S. Constitution, it found such a search to be reasonable, and not requiring a warrant, because the data collection is of substantial interest to the Naperville, Ill., government (Naperville Smart Meter Awareness v. City of Naperville, No. 16-3766, 7th Cir., 2018 U.S. App. LEXIS 22834).

  • August 21, 2018

    Google Sued For Tracking Smartphones Despite Disabled Location History

    SAN FRANCISCO — Google Inc. was hit with a putative class complaint in California federal court Aug. 17 for “the surreptitious location tracking of millions of mobile phone users,” which a smartphone user says is contrary to the tech giant’s representations that users could opt out of such tracking via privacy settings on their devices (Napoleon Patacsil v. Google Inc., No. 3:18-cv-05062, N.D. Calif.).

  • August 20, 2018

    J. Crew Tells 3rd Circuit FACTA Receipt Suit Based On Conjectural Harm

    PHILADELPHIA — Calling a plaintiff’s citation of additional authority inapplicable, J. Crew Group Inc. took the opportunity in an Aug. 16 response brief to highlight a recent ruling that it says bolsters its position that the suing customer has not established harm under the Fair and Accurate Credit Transactions Act (FACTA) because he did not allege that the credit card number digits printed on retail receipts were intercepted by anyone (Ahmed Kamal v. J. Crew Group Inc., et al., No. 17-2345 and 17-2453, 3rd Cir.).

  • August 20, 2018

    Consumer Plaintiffs Oppose Dismissal In Equifax Data Breach Suit

    ATLANTA — Asserting that they adequately pleaded such elements as injury, a contractual relationship, legal duties and misrepresentations, a putative class of consumer plaintiffs in an Aug. 13 brief in Georgia federal court oppose a motion by Equifax Inc. to dismiss their complaint over the credit reporting agency’s 2017 data breach (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).

  • August 20, 2018

    Data Breach Plaintiffs: Yahoo Waived Privilege With Inadequate Logs

    SAN JOSE, Calif. — Stating that Yahoo Inc! has failed to provide adequate privilege logs despite having nine months to do so, the plaintiffs in a putative class action over the internet firm’s data breaches ask a California federal court in an Aug. 15 motion to compel disclosure of thousands of documents, arguing that Yahoo’s procedural failures waived any asserted privileges (In re:  Yahoo! Inc. Customer Data Security Breach Litigation, No. 5:16-md-02752, N.D. Calif.).

  • August 17, 2018

    AT&T Sued For Cellphone Hack That Led To $24 Million Cryptocurrency Theft

    LOS ANGELES — A cryptocurrency investor sued AT&T Inc. in California federal court Aug. 15, faulting the company for lax security measures that allowed hackers to gain control of his phone, via a method known as SIM swap, ultimately resulting in the theft of almost $24 million in cryptocurrency (Michael Terpin v. AT&T Inc., et al., No. 2:18-cv-06975, C.D. Calif.).

  • August 16, 2018

    Final Approval Granted To $115 Million Settlement In Anthem Data Breach Suit

    SAN JOSE, Calif. — One year after preliminarily approving settlement of a class action over the 2015 Anthem Inc. data breach, which includes a $115 million settlement fund, a California federal judge on Aug. 15 granted final approval, deeming the settlement’s distribution plan “fair adequate, and reasonable” (In Re:  Anthem Inc., Customer Data Security Breach Litigation, No. 5:15-md-02617, N.D. Calif.).

  • August 15, 2018

    Class Suit Over HIV Disclosure Is Remanded; No ERISA Preemption

    SANTA ANA, Calif. — A California federal judge on Aug. 10 remanded a class lawsuit accusing a health insurer of wrongfully disclosing insureds' HIV-positive status, ruling that the state law claims are not preempted by the Employee Retirement Income Security Act (D.L. v. Aetna Inc., et al., No. 18-893, C.D. Calif., 2018 U.S. Dist. LEXIS 136682).

  • August 13, 2018

    Panel Affirms No Coverage Owed For Unlawful Disclosure Claims Against Doctor

    BOSTON — A district court correctly found that based on the terms in a professional liability policy, an insurer has no duty to defend an insured doctor against claims by his ex-wife that he unlawfully disclosed her confidential health care information because the underlying allegations are not covered by the applicable policy, the First Circuit U.S. Court of Appeals said Aug. 10 (Medical Mutual Insurance Company of Maine, Inc. v. Douglas Burka, 17-1872, 1st Cir., 2018 U.S. App. LEXIS 22273).

  • August 13, 2018

    Nielsen Hit With Securities Suit For Losses From GDPR Compliance, Restrictions

    NEW YORK — Two weeks after announcing missed revenue targets and experiencing a resulting drop in stock prices, Nielsen Holdings PLC was named in a putative securities class action in New York federal court on Aug. 8 by a shareholder who claims that the analytics firm misled investors as to costs associated with the European General Data Protection Regulation (GDPR) and misrepresented its ability to obtain necessary consumer social media data after the privacy-oriented statute’s recent enactment (Craig Gordon v. Nielsen Holdings PLC, et al., No. 1:18-cv-07143, S.D. N.Y.).

  • August 9, 2018

    4th Circuit Affirms No Coverage For Suit Alleging Statutory Violations

    RICHMOND, Va.— The Fourth Circuit U.S. Court of Appeals on Aug. 7 affirmed a lower federal court’s finding that an insurer has no duty to defend its insured in two underlying class actions alleging violations of the federal Driver's Privacy Protection Act (DPPA) because the business liability policy's statutory violation exclusion bars coverage (Hartford Casualty Insurance Company v. Ted A. Greve & Associates, PA, et al., No. 17-2407, 4th Cir., 2018 U.S. App. LEXIS 21939).

  • August 7, 2018

    Delta, Software Firm Oppose Multidistrict Treatment Of Data Breach Suits

    WASHINGTON, D.C. — In a pair of Aug. 3 briefs in the U.S. Judicial Panel on Multidistrict Litigation, Delta Air Lines and a company that provided it with software services oppose a motion to transfer and consolidate three putative class actions over a 2017 data breach to California federal court, arguing that multidistrict treatment is not necessary for the cases (In re: [24]7.AI Data Breach Litigation, No. 2863, JPMDL).

  • August 7, 2018

    Employee Log-In/Log-Out Records Must Be Produced In Employment Class Action

    RIVERSIDE, Calif. — A California federal magistrate judge on July 26 ordered a defendant in an employment class action to turn over log-in/log-out records to the plaintiff and to make good on its promise to turn over job descriptions (Gabriela Ortolani v. Freedom Mortgage Corp., No. 17-1462, C.D. Calif., Eastern Div., 2018 U.S. Dist. LEXIS 125522).