Newsletter RSS

Mealey's Data Privacy

  • December 23, 2022

    Digital Privacy Class Suit Against Gannett Survives Dismissal Motion

    WORCESTER, Mass. — A federal judge in Massachusetts denied a motion by Gannett Co. Inc. to dismiss a putative class complaint alleging that it violated the Video Privacy Protection Act (VPPA) by sharing USA Today digital subscribers’ personally identifiable information (PII) with Facebook, finding that  a violation was “plausibly plead[ed].”

  • December 22, 2022

    Supreme Court Told Internet Subscriber Info Protected By 4th Amendment

    WASHINGTON, D.C. — A man who was convicted of possessing child pornography argues in a petition for certiorari that law enforcement improperly conducted a warrantless search of his internet subscriber information, in which he has a reasonable expectation of privacy, asking the U.S. Supreme Court to find that such information enjoys protection under the Fourth Amendment to the U.S. Constitution.

  • December 22, 2022

    $3 Million Fees Award In Wawa Data Breach Suit Debated In 3rd Circuit

    PHILADELPHIA — A lone objector to the settlement between Wawa Inc. and a consumer class over a 2019 data breach takes issue with a $3 million attorney fees award, asserting in his reply brief in the Third Circuit U.S. Court of Appeals that it was not assessed “in economic reality.”

  • December 21, 2022

    FTC, Epic Games Agree To $275 Million Settlement Of Child Privacy Violations

    FAYETTEVILLE, N.C. — The same day the Federal Trade Commission filed a complaint over violations of the Children’s Online Privacy Protection Act of 1998 (COPPA) by Epic Games Inc. in its popular online game Fortnite, the commission moved in North Carolina federal court for entry of a stipulated order in which Epic agreed to injunctive relief and a penalty of $275 million to settle the claims against it.

  • December 21, 2022

    Twitter Ex-Employee’s Wire Fraud Sentence Based On Gain, Judge Explains

    SAN FRANCISCO — Following a denial of post-verdict motions, sentencing memoranda by both parties and a sentencing hearing, a California federal judge issued an order explaining why he considered gain in sentencing a former Twitter Inc. employee to 42 months’ imprisonment for sharing private user information with the Saudi Arabian government.

  • December 16, 2022

    Judge Rejects $37.5 Million Settlement Of Facebook Location Tracking Suit

    SAN FRANCISCO — After a preliminary approval hearing was held Dec. 15 for a proposed $37.5 million settlement of a privacy class action over the surreptitious location tracking by Meta Platforms Inc. (formerly Facebook Inc.) of users of the social network, a California federal judge issued a minute entry detailing why he was declining to approve the agreement in its present form.

  • December 13, 2022

    Biometric Information Class Suit Over CVS Photo System Tossed By Federal Judge

    CHICAGO — Consumers’ putative class claims under the Illinois Biometric Information Privacy Act (BIPA) over a pharmacy chain’s photo system for passport and identification photos were dismissed by a federal judge in Illinois, who found that some of the claims failed to sufficiently allege that the chain could use the biometric data to determine individual’s identifies while others belonged in state court.

  • December 12, 2022

    WhatsApp To High Court: Government’s Brief Bolsters Cert Denial In Spyware Row

    WASHINGTON, D.C. — In a supplemental brief, WhatsApp Inc. again encourages the U.S. Supreme Court to deny a spyware maker’s petition for certiorari in a dispute over sovereign immunity under the Foreign Sovereign Immunities Act (FSIA), arguing that the solicitor general’s (SG’s) recently filed amicus curiae brief supports this position.

  • December 09, 2022

    2nd Circuit: Collection Of Traveler COVID Information Is Moot But Its Use Is Not

    NEW YORK — In a case in which a New Jersey state resident challenged the state of New York’s authority to perform health screening for contact tracing purposes when the resident flew into an airport in New York after traveling abroad, a panel of the Second Circuit U.S. Court of Appeals dismissed the traveler’s appeal in part as moot but vacated a New York federal court’s judgment of dismissal with prejudice and remanded the case with instructions to enter a judgment of dismissal without prejudice, finding that the traveler’s request that the state not use the personal information collected in connection with a health screening was not moot and had failed only due to a lack of standing.

  • December 09, 2022

    Magistrate: Chicago Should Remain In Marriott Data Breach MDL For Discovery

    GREENBELT, Md. — Because the claims brought by Chicago against Marriott International Inc. related to a massive data breach are identical to those alleged by a consumer track, a Maryland federal magistrate judge recommended that the city’s request to be transferred out of the multidistrict litigation over the matter be denied, citing the likelihood of duplicative discovery if such a transfer occurred.

  • December 08, 2022

    Client Sues Cloud Computing Company For Negligence After Recent Security Incident

    SAN ANTONIO — Less than a week after a cloud computing company experienced a data breach, one of its clients filed a putative class action in Texas federal court, alleging negligence and breach of implied contract for the firm’s failure to keep its clients’ personally identifiable information (PII) safe.

  • December 08, 2022

    Negligence, Privacy Class Suit Filed Over Stalking Use Of Apple’s AirTags

    SAN JOSE, Calif. — Apple Inc. was hit with a putative class action when two stalking victims filed a putative class complaint in California federal court, bringing claims for invasion of privacy, unfair competition and negligence, among others, related to incidents of stalking that have used Apple’s AirTag, which they call “the weapon of choice of stalkers and abusers.”

  • December 07, 2022

    Panel Remands TCPA Coverage Suit To Determine Yahoo’s Reasonable Expectations

    SAN FRANCISCO — Following the California Supreme Court’s answer to a certified question, the Ninth Circuit U.S. Court of Appeals on Dec. 6 reversed and remanded a coverage dispute between Yahoo! Inc. and its commercial general liability insurer over claims brought under the Telephone Consumer Protection Act (TCPA) to determine Yahoo’s reasonable expectations as to coverage.

  • December 06, 2022

    Judge Excludes Substance Abuse Treatment Records From Asbestos Discovery

    NEW ORLEANS — A woman bringing an asbestos-related lung cancer claim must authorize the release of treatment records, a judge in Louisiana said in limiting the time frame of the subpoenas and excluding evidence related to substance abuse and psychiatric treatment.

  • December 05, 2022

    Android App Data Gathering Suit Against Google Dismissed For 2nd Time

    SAN FRANCISCO — Finding that two putative class plaintiffs “fail[ed] to cure the deficiencies” in their complaint that were outlined in a previous ruling, a California federal judge again granted dismissal of privacy and unfair competition claims based on Google LLC’s purported collection of user data without notice or permission via apps on the Android operating system (OS).

  • December 02, 2022

    Judge Limits Access To Mesothelioma Victim’s Genetic Information

    OAKLAND, Calif. — The privacy rights of a mesothelioma victim’s heirs mean that while experts may access pathology materials for use in the case, they must either obtain the heirs’ permission or approval from a governing body to use the discovery outside the litigation, a California judge said in granting a protective order Dec. 1.

  • December 01, 2022

    Wisconsin Appeals Panel Reinstates Negligence Class Claim In Data Breach Suit

    MILWAUKEE — A former employee of a health system that experienced a data breach in January 2020 may proceed with putative class claim for negligence, a Wisconsin appellate panel ruled, finding that dismissal of that claim was inappropriate as the worker sufficiently alleges actual damages.

  • November 30, 2022

    Panel: T-Mobile’s $17.3M Data Breach Loss Exceeds Its Self-Insured Retention Duty

    SEATTLE — A Washington appellate panel affirmed a ruling in favor of T-Mobile USA Inc. in a coverage dispute arising from a data privacy breach incurred by one of T-Mobile’s vendors, finding that T-Mobile’s $17.3 million loss from the breach exceeded its self-insured retention obligation under the policy.

  • November 29, 2022

    7th Circuit:  Sales Of Subscriber Lists Didn’t Violate Illinois Publicity Law

    CHICAGO — A media conglomerate’s sale of lists containing personal information about subscribers doesn’t violate the Illinois Right of Publicity Act (IRPA) as the subscribers’ identities are used “to effectuate the sale of the mailing lists,” a Seventh Circuit U.S. Court of Appeals panel ruled, affirming a trial court’s dismissal of the putative class complaint by one subscriber.

  • November 28, 2022

    United States Urges Certiorari Denial For Sovereignty Issue In Computer Fraud Case

    WASHINGTON, D.C. — A question over whether a contractor can claim sovereign immunity as an agent of a foreign state does not merit a grant of certiorari, the federal government asserts in an amicus curiae brief filed at the U.S. Supreme Court’s request, citing a lack of support for such immunity in the Foreign Sovereign Immunities Act (FSIA) or from any foreign states.

  • November 28, 2022

    Final Approval Given To $63 Million Settlement Of OPM Data Breach Class Action

    WASHINGTON, D.C. — A seven-year-old consolidated class action over a data breach experienced by the U.S. Office of Personnel Management (OPM) was closed when a District of Columbia federal judge gave the final OK to a $63 million settlement.

  • November 23, 2022

    Blackbaud Data Breach Suit Will Proceed For 7 Bellwether Claims

    COLUMBIA, S.C. — Partly granting a motion by the plaintiffs in a consolidated lawsuit over a ransomware attack experienced by Blackbaud Inc., a South Carolina federal judge ruled that the class certification process will proceed for seven bellwether claims against the technology firm, while the dozens of other putative class claims will be stayed until the bellwether claims are resolved.

  • November 22, 2022

    Facebook Data-Sharing Plaintiffs Defend $2 Million Discovery Sanctions Motion

    SAN FRANCISCO — Invoking a California federal court’s “broad discretion to calculate fee awards,” the named plaintiffs in a consolidated suit alleging privacy violations over a 2015 data-sharing incident said they are entitled to sanctions of more than $2 million in costs and attorney fees due to bad faith delays and failures to comply with discovery orders by Meta Platforms Inc. (formerly Facebook Inc.).

  • November 21, 2022

    Bed Bath & Beyond Hit With Class Complaint Over Spyware Use

    PHILADELPHIA — A Pennsylvania woman brings class claims against Bed Bath & Beyond Inc. (BBB) for what she calls “one of the most egregious examples of . . . consumer tracking and Internet privacy violations,” telling a Pennsylvania federal court that the retailer used spyware to intercept consumers’ “mouse movements and clicks, keystrokes, search terms” and other information while they were visiting its website.

  • November 21, 2022

    Surveilled Muslims Tell 9th Circuit Constitutional Claims Wrongly Dismissed

    SAN FRANCISCO — A group of Muslim American appellants who sued the Federal Bureau of Investigation for statutory and constitutional violations for the government’s surreptitious surveillance of their communities filed a supplemental reply brief in the Ninth Circuit U.S. Court of Appeals, arguing that the government’s brief, which was filed on remand from the U.S. Supreme Court, misinterprets and misapplies high court precedent regarding application of the state secrets privilege.

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.