LOS ANGELES— A minor California resident filed a first amended complaint (FAC) against Amazon.com Inc. in California federal court on Sept. 18, alleging violation of a state privacy law via the unauthorized recording of children’s voices through Amazon’s digital assistant Alexa (R.A. v. Amazon.com Inc., et al., No. 2:19-cv-06454, C.D. Calif.).
SAN FRANCISCO — The U.S. Chamber of Commerce was one of five amici curiae that filed briefs Sept. 16 supporting Facebook Inc.’s petition for rehearing, asking the Ninth Circuit U.S. Court of Appeals to reconsider a panel’s ruling that affirmed certification of a class seeking damages under the Illinois Biometric Information Privacy Act (BIPA), with the chamber arguing that certification was improper because the plaintiffs have not pleaded any harm from the social network’s use of facial recognition technology in its “Tag Suggestions” feature (In re Facebook Biometric Information Privacy Litigation, No. 18-15982, 9th Cir.).
NEWARK, N.J. — A customer of J. Crew Group Inc. who filed a putative class claim against the retailer for violation of the Fair and Accurate Credit Transactions Act (FACTA) saw his third amended complaint (TAC) dismissed without leave to amend on Sept. 10 by a New Jersey federal judge, who found that the plaintiff still failed to plead any injury from the retailer’s printing of too many credit card digits on his receipts that was sufficient to establish standing (Ahmed Kamal v. J. Crew Group Inc., et al., No. 2:15-cv-00190, D. N.J., 2019 U.S. Dist. LEXIS 153972).
ERIE, Pa. — Six days after a Wyoming couple announced their intention to dismiss Electronic Communications Privacy Act (ECPA) claims against a rent-to-own (RTO) franchisor over computer spyware, the plaintiffs and the franchisor on Sept. 16 jointly responded to an objection by a franchisee, who was not a party to the stipulation, telling a Pennsylvania federal court that there is “no live dispute” between them due to a confidential settlement (Crystal Byrd, et al. v. Aaron’s Inc., et al., No. 1:11-cv-00101, W.D. Pa.).
SAN FRANCISCO — In a pair of motions filed Sept. 11, AT&T Inc. asks a California federal court to dismiss privacy claims over its purported sale of customers’ information to third parties for lack of jurisdiction and to compel arbitration of the plaintiffs’ claims per a provision in their customer agreements (Katherine Scott, et al. v. AT&T Inc., et al., No. 3:19-cv-04063, N.D. Calif.).
WASHINGTON, D.C. — Less than a week after the Federal Trade Commission announced that it had settled a Children’s Online Privacy Protection Act (COPPA) claim against YouTube LLC and parent company Google LLC, a District of Columbia federal judge on Sept. 10 signed and approved the settlement agreement, under which the defendants will pay $170 million to the FTC and New York (Federal Trade Commission, et al. v. Google LLC, et al., No. 1:19-cv-02642, D. D.C.).
SAN FRANCISCO — In a detailed Sept. 9 ruling, a California federal judge mostly denied Facebook Inc.’s motion to dismiss consolidated class claims against it related to the sharing of users’ personally identifiable information (PII) with a British data analytics firm, with the judge finding that for most of the allegations, the plaintiffs sufficiently pleaded an injury and established their standing to sue the social network (In re Facebook Inc., Consumer Privacy User Profile Litigation, No. 3:18-md-2843, N.D. Calif., 2019 U.S. Dist. LEXIS 153505).
WASHINGTON, D.C. — In a pair of rehearing petitions filed Sept. 4 in the District of Columbia Circuit U.S. Court of Appeals, the U.S. Office of Personnel Management (OPM) and one of its contractors seek reconsideration of a divided panel ruling that held that a labor union had standing to pursue claims against them related to a 2015 data breach, arguing that errors were made regarding standing, damages and immunity (In Re: U.S. Office of Personnel Management Data Security Breach Litigation, Nos. 17-5217 & 17-5232, D.C. Cir.).
WASHINGTON, D.C. — The Federal Trade Commission filed a complaint against YouTube LLC and parent company Google LLC in District of Columbia federal court on Sept. 4, alleging that the defendants were guilty of numerous violations of the Children’s Online Privacy Protection Act (COPPA) by collecting the personal information of children without their parents’ knowledge or consent (Federal Trade Commission, et al. v. Google LLC, et al., No. 1:19-cv-02642, D. D.C.).
WASHINGTON, D.C. — Facebook Inc. has sufficiently demonstrated that it has an interest in protecting certain purportedly proprietary documents it provided to the Federal Trade Commission from disclosure in response to a Freedom of Information Act (FOIA) lawsuit brought by the Electronic Privacy Information Center (EPIC) against the commission, a District of Columbia federal judge ruled Aug. 28, granting the social network’s motion to intervene in the suit (Electronic Privacy Information Center v. Federal Trade Commission, No. 1:18-cv-00942, D. D.C.).
SANTA ANA, Calif. — In an Aug. 23 reply supporting its motion to intervene in the recently settled privacy class action against Vizio Inc., a nonprofit investigative organization asks a California federal court to permit it to intervene in the now-dismissed lawsuit for the limited purpose of unsealing certain court records related to the “critically important issue” of consumer privacy and technology companies’ practices of monetizing consumer data (In Re: Vizio, Inc., Consumer Privacy Litigation, No. 8:16-ml-02693, C.D. Calif.).
PHOENIX — A federal judge in Arizona on Aug. 2 granted preliminary approval to an amended settlement agreement in an Arizona class lawsuit over guest lists being voluntarily turned over to U.S. Immigration and Customs Enforcement (ICE) agents by Motel 6 Operating L.P. and G6 Hospitality LLC, doing business as Motel 6, that added an injunctive relief class to the settlement that totals up to $10 million (Jane V., et al. v. Motel 6 Operating L.P., et al., No. 18-242, D. Ariz.).
SAN FRANCISCO— Adopting and signing a proposed judgment submitted by the Securities and Exchange Commission, a California federal judge on Aug. 22 approved the commission’s $100 million civil penalty against Facebook Inc. for making misleading public statements about a known incident in which an analytics firm collected and sold the social network users’ personal data (Securities and Exchange Commission v. Facebook Inc., No. 3:19-cv-04241, N.D. Calif.).
OAKLAND, Calif. — Signing and approving a notice of voluntary dismissal filed by two plaintiffs alleging unauthorized location tracking of their devices by Facebook Inc., a California federal judge on Aug. 21 dismissed privacy and consumer protection claims against co-defendants Google LLC and Apple Inc., with the judge setting new deadlines related to the claims against Facebook, which were not voluntarily dismissed (Brendan Lundy, et al. v. Facebook Inc., et al., No. 4:18-cv-06793, N.D. Calif.).
MILWAUKEE — A Wisconsin trial court “properly exercised its discretion” when it granted certification of a class of individuals who allege that they were overcharged for medical records in violation of state law after applying a new version of the state’s class certification rule, a Wisconsin appellate panel ruled Aug. 20 (Elizabeth Harwood v. Wheaton Franciscan Services, Inc., et al., No. 2018 AP1836, Wis. App., 2019 Wisc. App. LEXIS 463).
PORTLAND, Ore. — An Oregon federal judge on July 29 granted preliminary approval of a proposed settlement between Premera Blue Cross and a group of policyholders who sued the insurer over a 2014 data breach that expose their personal information, finding the settlement to be “fair, reasonable, and adequate” (In Re: Premera Blue Cross Customer Data Security Breach Litigation, No. 3:15-md-02633, D. Ore., 2019 U.S. Dist. LEXIS 127093).
SAN FRANCISCO — The last remaining plaintiff in a consolidated lawsuit over the September 2018 data breach that affected Facebook Inc.’s “view as” feature filed an amended class complaint Aug. 16, following a California federal judge’s ruling that disposed of most of the claims against the social network, alleging that Facebook owed a duty to safeguard the personally identifiable information (PII) of its users, with which it has a “special relationship” (Stephen Adkins v. Facebook, Inc., No. 3:18-cv-05982, N.D. Calif.).
BALTIMORE — In an Aug. 16 motion mirroring similar motions filed by three other cellular carriers in parallel lawsuits, Verizon Communications Inc. asked a Maryland federal court to compel arbitration in a putative class action alleging that it shared customers’ geolocation data with third parties without authorization in violation of the Federal Communications Act (FCA) (Michelle Morrison v. Verizon Communications Inc., et al., No. 1:19-cv-01298, D. Md.).
HARRISBURG, Pa. — A prison inmate sufficiently alleged privacy and Fair Credit Reporting Act (FCRA) claims against Department of Corrections (DOC) employees related to a data breach experienced by a DOC vendor, a Pennsylvania federal judge ruled Aug. 16, denying the employees’ motion to dismiss for lack of jurisdiction (Darren Eades v. John Wetzel, et al., No. 1:19-cv-00512, M.D. Pa., 2019 U.S. Dist. LEXIS 139148).
SANTA ANA, Calif. — Two weeks after granting final approval to a $17 million settlement of class claims over Vizio Inc.’s unauthorized collections of consumers’ television viewing data, a California federal judge on Aug. 14 entered judgment in accordance with the approval ruling, dismissing the case and administratively closing the multidistrict litigation file and each of the member cases (In Re: Vizio, Inc., Consumer Privacy Litigation, No. 8:16-ml-02693, C.D. Calif.).