Mealey's Data Privacy

  • December 17, 2019

    NSA Prevails In Wikimedia’s Constitutional Claims Over Upstream Surveillance

    BALTIMORE — Wikimedia Foundation failed to establish that the National Security Agency (NSA) copied or collected any of its international internet communications as part of its upstream surveillance program, a Maryland federal judge ruled Dec. 16, dismissing for a second time the internet firm’s constitutional claims against the government, also deeming the suit precluded by the state secrets privilege (Wikimedia Foundation v. National Security Agency, et al., No. 1:15-cv-00662, D. Md.).

  • December 17, 2019

    TikTok, Others Agree To Settle Minors’ Class Suit Over Data Collection For $1.1M

    CHICAGO — Two days after filing a class complaint in an Illinois federal court accusing TikTok Inc. and others of violating the Children’s Online Privacy Protection Act (COPPA) and other laws by profiting off the collection of data from users under age 13 without parental consent, two minors, through their mothers, on Dec. 5 moved for preliminary approval of a $1.1 million class settlement (T.K., et al. v. Bytedance Technology Co., Ltd., et al., No. 19-7915, N.D. Ill.).

  • December 17, 2019

    Massachusetts, Indiana Oppose ‘Historic’ Settlement Of Equifax Data Breach Suit

    ATLANTA — In a Dec. 12 amicus curiae brief, Massachusetts asks a Georgia federal court to deny final approval of a proposed multibillion dollar settlement between Equifax Inc. and the plaintiffs in a consolidated class lawsuit over the company’s massive 2017 data breach, which the plaintiffs describe as having “achieved historic results,” faulting the agreement for inappropriately containing release language that limits its ability to pursue its own state court claims against Equifax (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).

  • December 17, 2019

    Certiorari Answer Waived, Amicus Brief Filed In Facebook Face-Tagging Privacy Row

    WASHINGTON, D.C. — On the heels of the respondents’ filing of a waiver of right to respond to Facebook Inc.’s petition for certiorari, the social network received support for its petition in the form of a Dec. 13 amicus curiae brief from Washington Legal Foundation (WLF), which argues that the Ninth Circuit U.S. Court of Appeals “mangled its historical analysis” of standing under Article III of the U.S. Constitution in affirming the certification of a class suing Facebook for violation of an Illinois biometrics privacy law via its social network face-tagging feature without requiring a concrete injury (Facebook Inc. v. Nimesh Patel, et al., No. 19-706, U.S. Sup.).

  • December 16, 2019

    Judge Declines To Dismiss Chicago’s Complaint In Marriott Data Breach MDL

    GREENBELT, Md. — A Maryland federal judge on Dec. 13 denied a motion by Marriott International Inc. to dismiss a complaint by Chicago, one of many cases consolidated in a multidistrict litigation in the wake of a data breach the hotel chain experienced, finding that the city sufficiently pleaded claims based on its own injuries under a municipal ordinance (In re:  Marriott International Inc. Customer Data Security Breach Litigation, No. 8:19-md-02879, D. Md., 2019 U.S. Dist. LEXIS 215154).

  • December 13, 2019

    Inmate’s Privacy, FCRA Claims Over Vendor’s Data Breach Survive Dismissal

    SCRANTON, Pa. — A Pennsylvania federal judge on Dec. 11 denied a motion by the Pennsylvania Department of Corrections (DOC) to dismiss an inmate’s allegations of violation of his privacy rights and the Fair Credit Reporting Act (FCRA), finding that the inmate has standing to sue over a DOC vendor’s data breach that exposed his personally identifiable information (PII) (Daryl Locke v. John Wetzel, et al., No. 3:19-cv-00499, M.D. Pa., 2019 U.S. Dist. LEXIS 213648).

  • December 12, 2019

    Glyphosate Plaintiffs Seek To File Medical Information Under Seal In Roundup MDL

    SAN FRANCISCO — Plaintiffs in the multidistrict litigation related to Roundup Products Liability on Dec. 11 moved in California federal court seeking to file under seal medical information related to their diagnoses of cancer, which they argue was caused by exposure to glyphosate, the active ingredient in the herbicide Roundup (In re: Roundup Products Liability Litigation [Hernandez v. Monsanto Co.], MDL No. 2741, No. 17-07364, N.D. Calif.).

  • December 12, 2019

    ACLU Files FOIA Suit Over Use Of Cell Site Simulators By ICE, CBP

    NEW YORK — In a Dec. 11 complaint, the American Civil Liberties Union asks a New York federal court to compel U.S. Customs and Border Protection (CBP) and U.S. Immigration and Customs Enforcement (ICE) to comply with its requests under the Freedom of Information Act (FOIA) seeking information about the agencies’ use of cell site simulators in immigration enforcement activities, citing “privacy concerns” (American Civil Liberties Union v. U.S. Customs and Border Protection, et al., No. 1:19-cv-11311, S.D. N.Y.).

  • December 12, 2019

    Former FBI Attorney Sues Bureau, DOJ For Leaking Text Messages To The Press

    WASHINGTON, D.C. — A former attorney with the Federal Bureau of Investigation filed a complaint against her former employer and the U.S. Department of Justice (DOJ) in District of Columbia federal court on Dec. 10, claiming that the agencies violated the Privacy Act by disclosing hundreds of her text messages to the press without her consent (Lisa Page v. U.S. Department of Justice, et al., No. 1:19-cv-03675, D. D.C.).

  • December 10, 2019

    Facebook Seeks Certiorari Over Class Certification In Face-Tagging Privacy Row

    WASHINGTON, D.C. — On Dec. 2, Facebook Inc. filed a petition for certiorari with the U.S. Supreme Court, arguing that the Ninth Circuit U.S. Court of Appeals erred in affirming certification of a class suing it for violation of an Illinois biometrics privacy law via its social network face-tagging feature, contending that proper consideration was not given to whether there are predominating issues or concrete, imminent injuries (Facebook Inc. v. Nimesh Patel, et al., No. 19-706, U.S. Sup.).

  • December 05, 2019

    California Woman Says TikTok, Apps Collect, Transmit User Data

    SAN JOSE, Calif. — In a putative class complaint filed Nov. 27 in California federal court, a college student claims that the popular TikTok video-sharing app and its predecessor have “clandestinely . . . vacuumed up” users’ personally identifiable information (PII) and transferred it to China, alleging computer fraud, invasion of privacy and unfair competition, among other things (Misty Hong v. ByteDance Inc., et al., No. 5:19-cv-07792, N.D. Calif.).

  • December 05, 2019

    Class Complaint Accuses Hy-Vee Of Negligence Following Data Breach

    KANSAS CITY, Mo. — A supermarket chain’s “inadequate and negligent security measures” allowed hackers to steal customers’ data for approximately seven months before the theft was halted, a Missouri man alleges in his Nov. 19 class complaint filed in the U.S. District Court for the Western District of Missouri (Gordon Grewing, et al. v. Hy-Vee, Inc., No. 19-928, W.D. Mo.).

  • December 03, 2019

    Judge Denies Insurer’s Renewed Motion As To Yahoo’s Bad Faith, Damages Claims

    SAN JOSE, Calif. — A California federal judge on Nov. 25 denied a commercial general liability insurer's renewed motion for judgment as a matter of law on Yahoo! Inc.'s bad faith and bad faith damages claims, finding that the insurer has failed to present any new evidence or new argument since the original motion was denied in May (Yahoo! Inc. v. National Union Fire Insurance Company of Pittsburgh, PA, No. 17-00489, N.D. Calif., 2019 U.S. Dist. LEXIS 204411).

  • December 03, 2019

    Law Firm, Attorney Ask 4th Circuit To Reverse No Coverage Ruling For DPPA Claim

    RICHMOND, Va. — A personal injury law firm and its attorney recently asked the Fourth Circuit U.S. Court of Appeals to reverse a lower federal court’s finding that a business liability insurer has no duty to defend against an underlying lawsuit alleging that they violated the Driver’s Privacy Protection Act, arguing that construing the policy exclusions against the insurer and in favor of coverage is required under North Carolina law (Hartford Casualty Insurance Company v. John J. Gelshenen Jr., et al., No. 19-1578, 4th Cir., 2019 U.S. Dist. LEXIS 75985).

  • December 02, 2019

    Class Partly Certified, 1 Expert Excluded In Facebook ‘View As’ Data Breach Suit

    SAN FRANCISCO — In a Nov. 26 order, a California federal judge granted class certification for injunctive purposes only in a lawsuit over a data breach that affected the “view as” feature on Facebook Inc.’s social network, while also declining to certify a damages class and issuing a split ruling on Facebook’s motions to strike the opinions of two of the plaintiff’s expert witnesses (Stephen Adkins v. Facebook, Inc., No. 3:18-cv-05982, N.D. Calif.).

  • November 27, 2019

    Nondisclosure Of Private Health Information Outweighs Public Interest, Judge Says

    COLUMBUS, Ohio — An Ohio federal magistrate judge on Nov. 25 granted a disability insurer’s request to file a plan participant’s claim file under seal because the nondisclosure of the plan participant’s private health information outweighs any public interest in the breach of contract and bad faith suit filed against the disability insurer (Barbara Cluck v. Unum Life Insurance Company of America, No. 18-56, S.D. Ohio, 2019 U.S. Dist. LEXIS 203849).

  • November 21, 2019

    FBI Cannot Rely On Glomar Response In FOIA Suit Over Social Media Surveillance

    SAN FRANCISCO — Denying a motion for partial summary judgment by the U.S. Department of Justice (DOJ), a California federal judge on Nov. 18 found that the Federal Bureau of Investigation did not meet its burden to invoke a “Glomar response” to a Freedom of Information Act (FOIA) request in which the American Civil Liberties Union Foundation (ACLUF) sought production of documents and information related to the bureau’s social media surveillance techniques (American Civil Liberties Union Foundation, et al. v. U.S. Department of Justice, et al., No. 3:19-cv-00290, N.D. Calif., 2019 U.S. Dist. LEXIS 199607).

  • November 21, 2019

    Judge Orders Arbitration Of Data-Selling Lawsuits Against Mobile Carriers

    BALTIMORE — The plaintiffs in four putative class actions against the four major U.S. mobile carriers failed to establish that arbitration provisions within their respective customer agreements are unconscionable, a Maryland federal judge ruled Oct. 24, granting the carriers’ motions to compel arbitration and stay the lawsuits over the companies’ purported selling of customers’ geolocation data (Paul Baron v. Sprint Corp., No. 1:19-cv-01255, D. Md.; Tyler Morrison v. AT&T Mobility LLC, No. 1:19-cv-01257, D. Md.; Michelle Morrison v. Verizon Communications Inc., et al., No. 1:19-cv-01298, D. Md.; Shawnay Ray, et al. v. T-Mobile US Inc., No. 1:19-cv-01299, D. Md.).

  • November 20, 2019

    Target Sues Insurer For Coverage Of Banks’ Settlement In Data Breach Litigation

    MINNEAPOLIS — Citing a multimillion dollar coverage dispute of more than five years with its primary insurer over its settlement with a group of financial institutions (FIs) over a 2013 data breach, Target Corp. filed breach of contract claims against the insurer in Minnesota federal court on Nov. 15, seeking coverage declarations and damages (Target Corp. v. ACE American Insurance Co., et al., No. 0:19-cv-02916, D. Minn.).

  • November 19, 2019

    Delta Customer Appeals Dismissal Of Data Breach Suit To 9th Circuit

    SAN FRANCISCO — A customer of Delta Air Lines Inc. tells the Ninth Circuit U.S. Court of Appeals in a Nov. 18 brief that The Airline Deregulation Act (ADA) does not preempt her ability to bring contractual claims against the airline related to a 2017 data breach that compromised her personally identifiable information (PII), appealing the dismissal of her putative class complaint (Teresa J. McGarry v. Delta Air Lines Inc., et al., No. 19-55790, 9th Cir.).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.