WASHINGTON, D.C. — The Electronic Privacy Information Center (EPIC) lacks standing to intervene in a recently announced $5 billion settlement between the Federal Trade Commission (FTC) and Facebook Inc. over certain data-sharing practices engaged in by the social network, the U.S. Department of Justice (DOJ) argues in an Aug. 5 brief opposing the privacy group’s motion to intervene, which it calls “legally and procedurally infirm” (United States v. Facebook Inc., No. 1:19-cv-02184, D. D.C.).
SIOUX FALLS, S.D. — A plaintiff suing her former school district for constitutional violations and discrimination related to a school newspaper comment must provide discovery related to her electronic communications and cell phone, a South Dakota federal magistrate judge ruled Aug. 1, granting the school district’s motion to compel but limiting the timeframe and establishing guidelines to protect private and privileged information (Addison Ludwig v. Elk Point-Jefferson School District 61-7, et al., No. 4:18-cv-04091, D. S.D., 2019 U.S. Dist. LEXIS 128630).
PHOENIX — An amended settlement agreement and proposed order were filed July 31 in an Arizona class lawsuit over guest lists being voluntarily turned over to U.S. Immigration and Customs Enforcement (ICE) agents by Motel 6 Operating L.P. and G6 Hospitality LLC, doing business as Motel 6, adding an injunctive relief class to the settlement that totals up to $10 million (Jane V., et al. v. Motel 6 Operating L.P., et al., No. 18-242, D. Ariz.).
NEW YORK — A federal judge in New York on July 30 ruled that the First Amendment to the U.S. Constitution prohibits the Democratic National Committee (DNC) from holding members of President Donald Trump’s family, his presidential campaign and certain of its members, Wikileaks and others liable as second-level participants in the dissemination of confidential and trade secret materials stolen by the Russian Federation in a massive hacking campaign leading up to the 2016 presidential election (Democratic National Committee v. The Russian Federation, et al., No. 18-3501, S.D. N.Y., 2019 U.S. Dist. LEXIS 126888).
SEATTLE — With a California man’s filing of a lawsuit against Capital One Financial Corp. in Washington federal court on July 30, four putative federal class complaints were filed against the credit card issuer the day after it announced a data breach that compromised the personally identifiable information (PII) of up to 100 million customers (Michael Fadullon v. Capital One Financial Corp., et al., No. 2:19-cv-01189, W.D. Wash.).
HOUSTON — On remand from the Fifth Circuit U.S. Court of Appeals, a senior federal judge in Texas on July 23 granted a specialty retail chain insured’s motion for partial summary judgment as to its request for a declaration that its insurer owes coverage for demand letter claims and an underlying litigation arising from the hacking of its credit card network but denied the motion as to the insured’s TexasInsurance Code claim and claims for attorney fees and prejudgment interest (Spec's Family Partners, Ltd. v. The Hanover Insurance Company, No. 16-438, S.D. Texas, 2019 U.S. Dist. LEXIS 122310).
ATLANTA — Three days after a settlement was announced between Equifax Inc. and the consumer plaintiffs suing it over the 2017 data breach, a Georgia federal judge on July 25 signed an order approving a final judgment and a permanent injunction that settles claims brought against Equifax by Puerto Rico (Puerto Rico v. Equifax Inc., No. 1:18-cv-5611, N.D. Ga.).
WASHINGTON, D.C. — A health insurance provider tells the District of Columbia Circuit U.S. Court of Appeals in a July 24 appellee brief that a trial court correctly found that a group of policyholders did not sufficiently plead their breach of contract and consumer protection claims related to a 2014 data breach (Chantal Attias, et al. v. CareFirst Inc., et al., No. 19-7020, D.C. Cir.).
SAN FRANCISCO — After “nearly a decade of litigation,” a group of plaintiffs who sued Google LLC for privacy violations related to its Street View feature announced the settlement of their class claims against the internet giant on July 19, when they asked a California federal court to preliminarily approve a proposed $13 million settlement agreement (In re Google LLC Street View Electronic Communications Litigation, No. 3:10-md-02184, N.D. Calif.).
WASHINGTON, D.C. — Two days after the Federal Trade Commission announced a $5 billion settlement with Facebook Inc. over its violation of a 2012 consent order settling privacy violations by the social network, the Electronic Privacy Information Center (EPIC) filed a motion to intervene in the matter on July 26, telling a District of Columbia federal court that the commission’s “proposed settlement fails to safeguard the interests of Facebook users” (United States v. Facebook Inc., No. 1:19-cv-02184, D. D.C.).
SAN FRANCISCO — The Ninth Circuit U.S. Court of Appeals in a July 25 one-page order denied a motion to dismiss Facebook Inc.’s appeal of a trial court’s certification of a class suing it for violation of an Illinois biometric privacy law (Nimesh Patel, et al v. Facebook, Inc., No. 18-15982, 9th Cir.).
ATLANTA — An attorney fee arrangement in a data breach class settlement between Home Depot and Home Depot U.S.A. Inc. (collectively, Home Depot) and a group of financial institutions (FI) where attorney fees would be paid separately from the class fund was a fee-shifting contract and so the trial court abused its discretion when it used a multiplier to account for risk, an 11th Circuit U.S. Court of Appeals panel ruled July 25, partially affirming and partially vacating a $15.3 million award (In Re: The Home Depot Inc., Customer Data Security Breach Litigation [Northeastern Engineers Federal Credit Union, et al. v. Home Depot, Inc., et al.], No. 17-14741, 11th Cir., 2019 U.S. App. LEXIS 22167).
SAN FRANCISCO — Facebook Inc. will pay $100 million to settle claims brought by the Securities and Exchange Commission alleging that the social media network violated federal securities laws by issuing a series of misrepresentations to investors concealing misuse of its user data by data analytics company Cambridge Analytica, according to court documents filed July 24 in California federal court (Securities and Exchange Commission v. Facebook Inc., No. 19-4241, N.D. Calif.).
SAN FRANCISCO — A federal judge in California on July 23 dismissed a lawsuit brought by two couples accusing Facebook Inc. of violating the Federal Trade Commission Act (FTC Act), public disclosure and breach of contract, finding that the plaintiffs failed to sufficiently allege those causes of action because they did not describe the contents of the messages that were made public and how Facebook’s alleged breach of the user agreement resulted in damages (Ibrahim Hassan, et al. v. Facebook Inc., No. 19-cv-01003-JST, N.D. Calif., 2019 U.S. Dist. LEXIS 122803).
WASHINGTON, D.C. — The Federal Trade Commission announced July 24 that Facebook Inc. will pay $5 billion for violating an order issued by the FTC in 2012 and deceiving users about their ability to control the privacy of their personal information (United States v. Facebook Inc., No. 19-2184, D. D.C.).
SAN JOSE, Calif. — A federal judge in California on July 20 granted preliminary approval of a $117.5 million settlement to be paid by Yahoo Inc. to end a consolidated class action against the company over a series of data breaches (In re: Yahoo! Inc. Customer Data Security Breach Litigation, No. 5:16-md-02752, N.D. Calif.).
LOS ANGELES — Because a car rental company’s motion to dismiss privacy claims over customer data collection was based on a lack of jurisdiction, a California federal judge on July 8 found that this contradicted the company’s initial removal of the case from state court, leading the judge to grant the plaintiff’s motion to remand the matter to state court because the defendant cannot “have it both ways” (Andy Ayala v. Sixt Rent A Car LLC, No. 2:19-cv-01514, C.D. Calif., 2019 U.S. Dist. LEXIS 112879).
ATLANTA — Plaintiffs suing Equifax Inc. over its 2017 data breach filed a motion on July 22 in the U.S. District Court for the Northern District of Georgia to direct notice of a proposed settlement, which plaintiffs claim has a value in excess of $282 billion, to the class of consumers (In re Equifax Inc. Customer Data Security Breach Litigation, No. 1:17-md-2800, N.D. Ga.).
GREENBELT, Md. — Marriott International Inc. on July 15 moved in Maryland federal court to dismiss a complaint by the city of Chicago, one of dozens of cases consolidated in a multidistrict litigation in the wake of a data breach it experienced, arguing that the city lacks authority to sue under the Illinois Constitution and lacks standing under Article III of the U.S. Constitution (In re: Marriott International Inc. Customer Data Security Breach Litigation, No. 8:19-md-02879, D. Md.).
SAN FRANCISCO — Three AT&T Wireless customers filed a class complaint in a federal court in California on July 16 against AT&T Inc. and others over the alleged sale of their real-time locations to parties willing to pay $300 without their knowledge or consent (Katherine Scott, et al. v. AT&T Inc., et al., No. 19-4063, N.D. Calif.).