Mealey's Data Privacy

  • July 30, 2019

    Equifax Settles Data Breach Claims Brought By Puerto Rico

    ATLANTA — Three days after a settlement was announced between Equifax Inc. and the consumer plaintiffs suing it over the 2017 data breach, a Georgia federal judge on July 25 signed an order approving a final judgment and a permanent injunction that settles claims brought against Equifax by Puerto Rico (Puerto Rico v. Equifax Inc., No. 1:18-cv-5611, N.D. Ga.).

  • July 30, 2019

    Insurer Asks D.C. Circuit To Affirm Dismissal Of Data Breach Class Claims

    WASHINGTON, D.C. — A health insurance provider tells the District of Columbia Circuit U.S. Court of Appeals in a July 24 appellee brief that a trial court correctly found that a group of policyholders did not sufficiently plead their breach of contract and consumer protection claims related to a 2014 data breach (Chantal Attias, et al. v. CareFirst Inc., et al., No. 19-7020, D.C. Cir.).

  • July 30, 2019

    Class Seeks Approval Of $13 Million Google Street View Privacy Suit Settlement

    SAN FRANCISCO — After “nearly a decade of litigation,” a group of plaintiffs who sued Google LLC for privacy violations related to its Street View feature announced the settlement of their class claims against the internet giant on July 19, when they asked a California federal court to preliminarily approve a proposed $13 million settlement agreement (In re Google LLC Street View Electronic Communications Litigation, No. 3:10-md-02184, N.D. Calif.).

  • July 29, 2019

    Privacy Group Seeks To Intervene In FTC’s $5 Billion Facebook Privacy Settlement

    WASHINGTON, D.C. — Two days after the Federal Trade Commission announced a $5 billion settlement with Facebook Inc. over its violation of a 2012 consent order settling privacy violations by the social network, the Electronic Privacy Information Center (EPIC) filed a motion to intervene in the matter on July 26, telling a District of Columbia federal court that the commission’s “proposed settlement fails to safeguard the interests of Facebook users” (United States v. Facebook Inc., No. 1:19-cv-02184, D. D.C.).

  • July 29, 2019

    9th Circuit Denies Motion To Dismiss Facebook’s Appeal Of Biometric Class Certification

    SAN FRANCISCO — The Ninth Circuit U.S. Court of Appeals in a July 25 one-page order denied a motion to dismiss Facebook Inc.’s appeal of a trial court’s certification of a class suing it for violation of an Illinois biometric privacy law (Nimesh Patel, et al v. Facebook, Inc., No. 18-15982, 9th Cir.).

  • July 26, 2019

    11th Circuit: Home Depot Data Breach Fee Agreement Was Fee-Shifting Contract

    ATLANTA — An attorney fee arrangement in a data breach class settlement between Home Depot and Home Depot U.S.A. Inc. (collectively, Home Depot) and a group of financial institutions (FI) where attorney fees would be paid separately from the class fund was a fee-shifting contract and so the trial court abused its discretion when it used a multiplier to account for risk, an 11th Circuit U.S. Court of Appeals panel ruled July 25, partially affirming and partially vacating a $15.3 million award (In Re:  The Home Depot Inc., Customer Data Security Breach Litigation [Northeastern Engineers Federal Credit Union, et al. v. Home Depot, Inc., et al.], No. 17-14741, 11th Cir., 2019 U.S. App. LEXIS 22167).

  • July 25, 2019

    Facebook To Pay $100M To Settle SEC Claims Over Data Breach

    SAN FRANCISCO — Facebook Inc. will pay $100 million to settle claims brought by the Securities and Exchange Commission alleging that the social media network violated federal securities laws by issuing a series of misrepresentations to investors concealing misuse of its user data by data analytics company Cambridge Analytica, according to court documents filed July 24 in California federal court (Securities and Exchange Commission v. Facebook Inc., No. 19-4241, N.D. Calif.).

  • July 25, 2019

    Judge Dismisses Suit Accusing Facebook Of Publicizing Messenger Contents

    SAN FRANCISCO — A federal judge in California on July 23 dismissed a lawsuit brought by two couples accusing Facebook Inc. of violating the Federal Trade Commission Act (FTC Act), public disclosure and breach of contract, finding that the plaintiffs failed to sufficiently allege those causes of action because they did not describe the contents of the messages that were made public and how Facebook’s alleged breach of the user agreement resulted in damages (Ibrahim Hassan, et al. v. Facebook Inc., No. 19-cv-01003-JST, N.D. Calif., 2019 U.S. Dist. LEXIS 122803).

  • July 24, 2019

    Federal Trade Commission Fines Facebook $5B For Data Privacy Violations

    WASHINGTON, D.C. — The Federal Trade Commission announced July 24 that Facebook Inc. will pay $5 billion for violating an order issued by the FTC in 2012 and deceiving users about their ability to control the privacy of their personal information (United States v. Facebook Inc., No. 19-2184, D. D.C.).

  • July 23, 2019

    Yahoo’s $117.5M Data Breach Settlement Granted Preliminary Approval

    SAN JOSE, Calif. — A federal judge in California on July 20 granted preliminary approval of a $117.5 million settlement to be paid by Yahoo Inc. to end a consolidated class action against the company over a series of data breaches (In re:  Yahoo! Inc. Customer Data Security Breach Litigation, No. 5:16-md-02752, N.D. Calif.).

  • July 23, 2019

    Data Collection Suit Against Car Rental Company Remanded To State Court

    LOS ANGELES — Because a car rental company’s motion to dismiss privacy claims over customer data collection was based on a lack of jurisdiction, a California federal judge on July 8 found that this contradicted the company’s initial removal of the case from state court, leading the judge to grant the plaintiff’s motion to remand the matter to state court because the defendant cannot “have it both ways” (Andy Ayala v. Sixt Rent A Car LLC, No. 2:19-cv-01514, C.D. Calif., 2019 U.S. Dist. LEXIS 112879).

  • July 22, 2019

    Equifax Data Breach Plaintiffs Seek Notice Of Settlement They Value In The Billions

    ATLANTA — Plaintiffs suing Equifax Inc. over its 2017 data breach filed a motion on July 22 in the U.S. District Court for the Northern District of Georgia to direct notice of a proposed settlement, which plaintiffs claim has a value in excess of $282 billion, to the class of consumers (In re Equifax Inc. Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).

  • July 19, 2019

    Marriott Moves To Dismiss Chicago Data Breach Suit For Lack Of Standing, Authority

    GREENBELT, Md. — Marriott International Inc. on July 15 moved in Maryland federal court to dismiss a complaint by the city of Chicago, one of dozens of cases consolidated in a multidistrict litigation in the wake of a data breach it experienced, arguing that the city lacks authority to sue under the Illinois Constitution and lacks standing under Article III of the U.S. Constitution (In re:  Marriott International Inc. Customer Data Security Breach Litigation, No. 8:19-md-02879, D. Md.).

  • July 18, 2019

    AT&T Customers Sue Over Release Of Real-Time Location Information

    SAN FRANCISCO — Three AT&T Wireless customers filed a class complaint in a federal court in California on July 16 against AT&T Inc. and others over the alleged sale of their real-time locations to parties willing to pay $300 without their knowledge or consent (Katherine Scott, et al. v. AT&T Inc., et al., No. 19-4063, N.D. Calif.).

  • July 16, 2019

    Judge Compels Arbitration In Geolocation-Sharing Suit Against AT&T

    BALTIMORE — In a July 15 paperless order, a Maryland federal judge granted AT&T Mobility LLC’s motion to compel arbitration in a putative class action over the wireless provider’s alleged sharing of customers’ geolocation data in light of an arbitration provision within the defendant’s customer agreement (Tyler Morrison v. AT&T Mobility LLC, No. 1:19-cv-01257, D. Md.).

  • July 12, 2019

    Final Approval Granted To Settlement Of Kimpton Hotel Data Breach Class Action

    SAN FRANCISCO — Seven months after preliminarily approving a settlement of class claims over a hotel chain’s 2016 data breach, a California federal judge on July 11 granted final approval to the agreement that provides for up to $600,000 in relief for the class and $800,000 in attorney fees (Andrew Parsons v. Kimpton Hotel & Restaurant Group LLC, No. 3:16-cv-05387, N.D. Calif.).

  • July 11, 2019

    Plaintiffs Oppose Google’s Motion To Dismiss Location-Tracking Privacy Claims

    SAN JOSE, Calif. — A group of plaintiffs who accuse Google LLC of surreptitiously tracking them via certain smart phones settings without their knowledge filed a brief in California federal court on July 2 opposing the company’s motion to dismiss their putative class privacy claims, asserting that they never consented to having their location tracked (In re Google Location History Litigation, No. 5:18-cv-05062, N.D. Calif.).

  • July 11, 2019

    Facebook Denies D.C.’s Consumer Protection Claims Over Protection Of Users’ Data

    WASHINGTON, D.C. — A week and a half after a District of Columbia Superior Court judge denied its motion to appeal a jurisdictional ruling in a consumer protection lawsuit brought by the district, Facebook Inc. filed its answer to the complaint July 8, denying any failures to protect the data of its social network’s users and asserting that the court lacks jurisdiction over it (District of Columbia v. Facebook Inc., No. 2018 CA 8715 B, D.C. Super.).

  • July 09, 2019

    Marriott Requests Targeted Discovery Over Bank’s Standing In Data Breach MDL

    GREENBELT, Md. — Questioning the standing of a bank that is one of the many plaintiffs in the multidistrict litigation over a data breach that it experienced, Marriott International Inc. on July 9 filed a letter in Maryland federal court requesting leave to conduct limited discovery regarding the bank’s claimed damages from the breach to determine whether it suffered a necessary injury-in-fact (In re:  Marriott International Inc. Customer Data Security Breach Litigation, No. 8:19-md-02879, D. Md.).

  • July 09, 2019

    Judge Finds Fired Employees Spoliated Evidence, Dismisses Age Discrimination Suit

    FORT SMITH, Ark. — Two employees fired for data security flaws failed to establish that their terminations were due to age discrimination, an Arkansas federal judge ruled July 3, granting summary judgment to their former employer after also finding that the ex-employees intentionally spoliated evidence by encrypting and deleting text messages (Brian Herzig, et al. v. Arkansas Foundation for Medical Care Inc., No. 2:18-cv-02101, W.D. Ark., 2019 U.S. Dist. LEXIS 111296).

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.