We use cookies on this site to enable your digital experience. By continuing to use this site, you are agreeing to our cookie policy. close

Mealey's Data Privacy

  • July 27, 2018

    COMMENTARY: Can Human Error Really Constitute Insured Computer Fraud? A Circuit Split On Coverage For Spoofing Claims Will Spur More Litigation.

    By Laura Foggan and Stephanie V. Corrao

  • July 27, 2018

    Google Defends Document Withholding, Redaction In Biometric Privacy Suits

    CHICAGO — Opposing a motion to compel production of documents withheld under attorney-client privilege, Google LLC in a July 26 filing tells an Illinois federal court that the disputed materials were properly designated as privileged as they pertained to legal advice in two lawsuits alleging that it violated Illinois’ Biometric Information Privacy Act (BIPA) with a photo-tagging feature (Lindabeth Rivera v. Google LLC, No. 1:16-cv-02714, and Joseph Weiss v. Google LLC, No. 1:16-cv-02870, N.D. Ill.).

  • July 25, 2018

    Insurer Says It Owed No Noncontractual Duties Related To Data Breach

    WASHINGTON, D.C. — Supporting its motion to dismiss negligence and breach of confidentiality claims related to a 2014 data breach, a health insurer tells a District of Columbia federal court in a July 23 reply brief that the plaintiff policyholders failed to sufficiently allege damages or the breach of any noncontractual duties (Chantal Attias, et al. v. CareFirst Inc., et al., No. 1:15-cv-00882, D. D.C.).

  • July 25, 2018

    Remanded Case Over Microsoft Email Subpoena Dismissed As Moot

    NEW YORK — In accord with instructions from the U.S. Supreme Court and the Second Circuit U.S. Court of Appeals, a New York federal judge on July 24 dismissed a case that had centered on law enforcement’s ability to compel Microsoft Corp. to produce foreign-stored emails under the Stored Communications Act (SCA), deeming the suit moot per the recently enacted Clarifying Lawful Overseas Use of Data Act (CLOUD Act) (In the Matter of a Warrant to Search a Certain E-Mail Account Controlled and Maintained by Microsoft Corp. [Microsoft v. United States], No. 1:13-mj-02814, S.D. N.Y.).

  • July 23, 2018

    Dismissal, Amendment Denied In Voter Data Collection Lawsuit

    WASHINGTON, D.C. — Denying the U.S. government’s motion to dismiss and a privacy rights group’s motion to amend its complaint in a July 19 order, a District of Columbia federal judge anticipated “that no further adjudication” would be necessary in a lawsuit over a now-dissolved presidential commission’s collection of voter data in light of the impending destruction of the disputed data (Electronic Privacy Information Center v. Presidential Advisory Commission on Election Integrity, et al., No. 1:17-cv-01320, D. D.C.).

  • July 23, 2018

    Equifax Moves To Dismiss Consumers’, Banks’ Class Claims Over Data Breach

    ATLANTA — Three weeks after moving to dismiss consumer class claims over its 2017 data breach, Equifax Inc. on July 16 filed a motion in Georgia federal court to dismiss claims brought by a group of financial institutions (FIs) for failure to plead any injuries attributable to the breach (In Re:  Equifax Inc., Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).

  • July 23, 2018

    OPM Tells D.C. Circuit Unions Lacked Standing To Sue Over Data Breach

    WASHINGTON, D.C. — The U.S. Office of Personnel Management (OPM) and a contractor filed appellee briefs with the District of Columbia Circuit U.S. Court of Appeals July 19, arguing that a trial court correctly dismissed two employee unions’ negligence and privacy claims related to a 2015 data breach for lack of standing and under the doctrine of sovereign immunity (In Re:  U.S. Office of Personnel Management Data Security Breach Litigation, No. 17-5217 & 17-5232, D.C. Cir.).

  • July 20, 2018

    D.C. Circuit Won’t Consolidate Government Surveillance Suit With Earlier Appeals

    WASHINGTON, D.C. — In a July 17 per curiam order, a District of Columbia Circuit U.S. Court of Appeals panel denied the U.S. government’s motion to consolidate an appeal over purported unconstitutional government surveillance of U.S. citizens with two pending, consolidated appeals involving the same appellant related to the National Security Agency’s (NSA’s) bulk metadata collection program (Larry Klayman v. James Comey, et al., No. 18-5097, D.C. Cir.).

  • July 19, 2018

    U.S. Government, Amici Brief High Court On Cy Pres In Google Privacy Suit

    WASHINGTON, D.C. — The U.S. Supreme Court received 13 amicus curiae briefs on July 16 offering opinions on the fairness of an $8.5 million cy pres settlement of a privacy class action against Google LLC, with the U.S. government voicing its concerns over jurisdiction, possible collusion and unfair attorney fee awards in such settlements (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).

  • July 18, 2018

    Class Seeks Approval Of $8.3 Million Settlement In Lenovo Adware Suit

    SAN JOSE, Calif. — A class of purchasers of Lenovo (United States) Inc. computers on July 11 asked a California federal judge to grant preliminary approval of a proposed settlement of privacy and computer fraud claims over the computer manufacturer’s use of intrusive adware, which would set up an $8.3 million settlement fund for affected consumers (In Re:  Lenovo Adware Litigation, No. 3:15-md-02624, N.D. Calif.).

  • July 17, 2018

    Nationwide, Policyholders Settle Data Breach Suit; 6th Circuit Dismisses Appeal

    CINCINNATI — In light of a stipulation of dismissal filed by Nationwide Mutual Insurance Co. and two of its policyholders that had sued the insurer over a 2012 data breach, the Sixth Circuit U.S. Court of Appeals on July 12 issued an order dismissing the insureds’ appeal of a trial court’s ruling that had disposed of their lone remaining claim for bailment (Mohammad S. Galaria, et al. v. Nationwide Mutual Insurance Co., No. 18-3063 and 18-3064, 6th Cir.).

  • July 13, 2018

    Judge Denies Approval Of ‘Deficient’ Settlement In Hotel Data Breach Class Action

    SAN FRANCISCO — A proposed $600,000 settlement of a putative class action over a hotel chain’s 2016 data breach was denied preliminary approval July 12 by a California federal judge, who enumerated “glaring issues” related to explanations of class member payments and class notice procedures (Andrew Parsons v. Kimpton Hotel & Restaurant Group LLC, No. 3:16-cv-05387, N.D. Calif.).

  • July 12, 2018

    Google Privacy Class Objectors Tell High Court Cy Pres-Only Settlement Is Unfair

    WASHINGTON, D.C. — Two objectors to the $8.5 million settlement of a privacy class action against Google LLC tell the U.S. Supreme Court in a July 9 merits brief that the distribution of settlement funds to cy pres recipients, rather than class members, does not constitute a “fair, reasonable, and adequate” settlement of the class claims per Federal Rule of Civil Procedure 23 (Theodore H. Frank, et al. v. Paloma Gaos, et al., No. 17-961, U.S. Sup.).

  • July 11, 2018

    Motel 6 Has Agreed To Settle Class Suit Over Giving ICE Guest Lists

    PHOENIX — Motel 6 Operating L.P. and G6 Hospitality LLC, doing business as Motel 6, and guests who filed a class complaint over the motel chain’s policy of voluntarily turning over guest registration information to agents of U.S. Immigration and Customs Enforcement (ICE) within the Department of Homeland Security (DHS) filed a joint notice of settlement on July 6 in the U.S. District Court for the District of Arizona and noted that it needed additional time to finalize the documentation (Jane V., et al. v. Motel 6 Operating L.P., et al., No. 18-242, D. Ariz.).

  • July 11, 2018

    NSA, Wikimedia Debate State Secrets Privilege, In Camera Review

    BALTIMORE — In supplemental briefs filed July 6 in Maryland federal court, Wikimedia Foundation and the U.S. government debate whether an in camera review provision in the Foreign Intelligence Surveillance Act (FISA) displaces the state secrets privilege regarding documents withheld from discovery by the government in a lawsuit over communications intercepted by the National Security Agency (NSA) as part of its upstream surveillance program (Wikimedia Foundation v. National Security Agency, et al., No. 1:15-cv-00662, D. Md.).

  • July 10, 2018

    Judge Finds Jurisdiction Lacking In DNC Email Hacking Suit, Denies Discovery

    WASHINGTON, D.C. — A District of Columbia federal judge on July 3 granted a motion by Donald Trump’s presidential campaign to dismiss a lawsuit over the 2016 hack of the Democratic National Committee’s (DNC’s) database, finding that the plaintiffs, whose emails were made public in the incident, failed to establish jurisdiction (Roy Cockrum, et al. v. Donald J. Trump For President Inc., et al., No. 1:17-cv-01370, D. D.C., 2018 U.S. Dist. LEXIS 110948).

  • July 10, 2018

    2nd Circuit Affirms $5.8M Judgment In Insured’s Favor In Computer Fraud Dispute

    NEW YORK — The Second Circuit U.S. Court of Appeals on July 6 affirmed a lower federal court’s ruling that a firm's multimillion dollar loss due to a fraudulent wire transfer scheme constituted computer fraud under the company's executive protection insurance policy (Medidata Solutions Inc v. Federal Insurance Company, No. 17-2492, 2nd Cir., 2018 U.S. App. LEXIS 18376).

  • July 10, 2018

    Employer To High Court: Federal Arbitration Act Preempts State Law

    WASHINGTON, D.C. — The Ninth Circuit U.S. Court of Appeals defied the U.S. Supreme Court’s clear holding when it ruled that the Federal Arbitration Act (FAA) doesn’t preempt state law and the lack of reference to class arbitration in an employment agreement is not “silence” as defined by Stolt-Nielsen S.A. v. AnimalFeeds Int’l Corp., 559 U.S. 662, 684 (2010), an employer argues in a petitioner brief filed in the U.S. Supreme Court on July 9 (Lamps Plus, Inc., et al. v. Frank Varela, No. 17-988, U.S. Sup.).

  • July 5, 2018

    Illinois Says It Should Not Be Part Of Consolidated Facebook Data-Sharing MDL

    WASHINGTON, D.C. — In a June 29 motion, an Illinois state’s attorney asks the U.S. Judicial Panel for Multidistrict Litigation (JPMDL) to vacate its recently issued conditional order, as it relates to the state of Illinois, which consolidated lawsuits over Facebook Inc.’s recent data-sharing incident in a California federal multi-district litigation (MDL) (In re Facebook Inc., Consumer Privacy User Profile Litigation, No. 2843, JPMDL).

  • July 3, 2018

    Privacy Group Supports 9th Circuit Appeal Over Facebook Persistent Cookie Use

    SAN FRANCISCO — Consumer privacy organization The Electronic Privacy Information Center (EPIC) filed an amicus curiae brief on June 26, urging the Ninth Circuit U.S. Court of Appeals to find that Facebook Inc.’s use of persistent cookies to track the private internet browsing activity of social network users, even after they were logged out of the service, was “an invasive business practice in violation of privacy laws” (In re:  Facebook Inc. Internet Tracking Litigation, No. 17-17486, 9th Cir.).