Mealey's Data Privacy
-
November 23, 2022
Blackbaud Data Breach Suit Will Proceed For 7 Bellwether Claims
COLUMBIA, S.C. — Partly granting a motion by the plaintiffs in a consolidated lawsuit over a ransomware attack experienced by Blackbaud Inc., a South Carolina federal judge ruled that the class certification process will proceed for seven bellwether claims against the technology firm, while the dozens of other putative class claims will be stayed until the bellwether claims are resolved.
-
November 22, 2022
Facebook Data-Sharing Plaintiffs Defend $2 Million Discovery Sanctions Motion
SAN FRANCISCO — Invoking a California federal court’s “broad discretion to calculate fee awards,” the named plaintiffs in a consolidated suit alleging privacy violations over a 2015 data-sharing incident said they are entitled to sanctions of more than $2 million in costs and attorney fees due to bad faith delays and failures to comply with discovery orders by Meta Platforms Inc. (formerly Facebook Inc.).
-
November 21, 2022
Bed Bath & Beyond Hit With Class Complaint Over Spyware Use
PHILADELPHIA — A Pennsylvania woman brings class claims against Bed Bath & Beyond Inc. (BBB) for what she calls “one of the most egregious examples of . . . consumer tracking and Internet privacy violations,” telling a Pennsylvania federal court that the retailer used spyware to intercept consumers’ “mouse movements and clicks, keystrokes, search terms” and other information while they were visiting its website.
-
November 21, 2022
Surveilled Muslims Tell 9th Circuit Constitutional Claims Wrongly Dismissed
SAN FRANCISCO — A group of Muslim American appellants who sued the Federal Bureau of Investigation for statutory and constitutional violations for the government’s surreptitious surveillance of their communities filed a supplemental reply brief in the Ninth Circuit U.S. Court of Appeals, arguing that the government’s brief, which was filed on remand from the U.S. Supreme Court, misinterprets and misapplies high court precedent regarding application of the state secrets privilege.
-
November 18, 2022
California High Court Answers Certified Question In Yahoo’s TCPA Coverage Suit
SAN FRANCISCO — The California Supreme Court on Nov. 17 answered a certified question from the Ninth Circuit U.S. Court of Appeals in a coverage dispute between Yahoo! Inc. and its commercial general liability insurer arising from claims brought under the Telephone Consumer Protection Act (TCPA), finding that the CGL policy language at issue can cover liability for right-of-seclusion violations assuming “such coverage is consistent with the insured's objectively reasonable expectations.”
-
November 18, 2022
4th Circuit Asked To Affirm Class Certification Ruling In Marriott Data Breach MDL
RICHMOND, Va. — The lead class members in a multidistrict litigation over a massive data breach experienced by Marriott International Inc. filed an appellee brief in the Fourth Circuit U.S. Court of Appeals, defending a trial court order that certified classes to pursue bellwether contract, consumer protection and damages claims against the hotel chain.
-
November 17, 2022
$2.35M Dickey’s Barbecue Data Breach Class Settlement Preliminarily Approved
DALLAS — A federal judge in Texas adopted a magistrate judge’s findings and recommendations and preliminarily approved a $2.35 million all-cash, nonreversionary settlement by Dickey’s Barbecue Restaurants Inc. to end several consolidated data breach class complaints.
-
November 16, 2022
Massachusetts Agency Sued For Secret Installations Of Contact-Tracing App
BOSTON — Two owners of smartphones using the Android operating system filed a putative class action against the Massachusetts Department of Public Health (DPH), alleging constitutional, federal and state law violations for the installation of a contract-tracing app on more than 1 million Android apps “without users’ permission or awareness” as part of the state’s efforts to combat COVID-19.
-
November 15, 2022
Final OK Given To $90 Million Settlement Of Meta Online Tracking Class Action
SAN FRANCISCO — Seven months after he granted preliminary approval in a more than decade-old consolidated class action against Meta Platforms Inc. (formerly Facebook Inc.), a California federal judge granted final approval to the $90 million settlement of the “hard fought” suit over Meta’s purported tracking of Facebook users’ online activity.
-
November 11, 2022
Supreme Court To Consider Scope Of Federal Identity Theft Statute
WASHINGTON, D.C. — In a Nov. 10 miscellaneous order, the U.S. Supreme Court granted certiorari to a psychologist who was convicted under the federal aggravated identity theft statute, agreeing to take up his question of what constitutes “use” of another person’s name or identifying information.
-
November 11, 2022
Amazon Must Provide Alexa Recordings, Transcripts In Eavesdropping Lawsuit
SEATTLE — In a pair of orders, a Washington federal judge largely granted two motions to compel Amazon.com Inc. to provide documents and responses to discovery requests by a group of consumers alleging that the company’s Alexa devices violate state and federal wiretap statutes by recording conversations not directed to one of the smart speaker devices.
-
November 10, 2022
Biometric Suit Over Estée Lauder’s ‘Try It On’ Web Feature Partly Dismissed
CHICAGO — A woman who used a virtual makeup application tool on a website owned by Estée Lauder Companies Inc. sufficiently alleged a negligent violation of the Illinois Biometric Information Privacy Act (BIPA) by the collection of users’ facial geometry, an Illinois federal judge ruled, while also dismissing the plaintiff’s putative class claim of intentional and reckless conduct as inadequately pleaded.
-
November 09, 2022
Nonprofit, DHS Close To Resolving FOIA Suit Over Immigrant DNA Testing
SAN FRANCISCO — At the request of Electronic Frontier Foundation (EFF) and the U.S. Department of Homeland Security (DHS), a California federal judge entered an order setting a Dec. 5 deadline for the parties to seek dismissal or attorney fees in a lawsuit over EFF’s request for records on the DNA testing of immigrants, per the Freedom of Information Act (FOIA), in which the parties claim to have “resolved the substantive issues.”
-
November 07, 2022
Federal Judge Awards Insured $147,926 In Coverage Suit Over ‘Bad Actor’ Data Breach
ST. PAUL, Minn. — A $147,926.21 judgment was entered in favor of a technical consulting and software development company insured on Nov. 4, one day after a federal judge in Minnesota granted its motion for summary judgment in its lawsuit seeking coverage under a technology professional insurance policy “Cyber Business Interruption and Extra Expense” clause for its losses arising from a data breach perpetuated by a “bad actor.”
-
November 03, 2022
Claims Over Accounting Firm’s Data Breach Dismissed By Judge
OAKLAND, Calif. — Although a plaintiff established standing to bring putative class claims against an accounting firm for the purported exposure of her personally identifiable information (PII) from a data breach, a California federal judge on Nov. 2 found that the plaintiff did not sufficiently plead her claims, thus meriting dismissal.
-
November 01, 2022
Settlement Preliminarily Approved In COVID-19 Contact Tracing Data Breach Case
HARRISBURG, Pa. — A federal judge in Pennsylvania preliminarily approved a class settlement under which an employment staffing company accused of failing to safeguard private health information (PHI) contained in Pennsylvania Department of Health (DOH) COVID-19 contact tracing lists and failing to timely notify those affected by the breach agreed to provide monetary payments for out-of-pocket expenses and two years of credit monitoring and credit restoration protections.
-
October 31, 2022
U.S. High Court Won’t Hear Appeal Over Review Of DOL Secretary’s FECA Ruling
WASHINGTON, D.C. — The U.S. Supreme Court on Oct. 31 denied a petition by a corrections officer challenging a determination by the U.S. Department of Labor (DOL) secretary that his claims following alleged release of his personal data are covered by the Federal Employees’ Compensation Act (FECA) can’t be reviewed by a federal court.
-
October 27, 2022
Class Granted Final Approval For Settlement Of Meta’s Call, Text Data Scraping
SAN FRANCISCO — Two and a half months after he granted preliminary approval to the settlement of a consolidated class action over call and text data-scraping activities performed by Meta Platforms Inc. (formerly Facebook Inc.), a California federal judge granted final approval to the agreement, which provides only injunctive and declaratory judgment to the class.
-
October 27, 2022
9 Suits Over Meta’s Online Tracking Related In California Federal Court
OAKLAND, Calif. — Nine putative class complaints against Meta Platforms Inc. for privacy infractions related to its purported tracking of users’ online activity were related by a California federal judge in accord with a stipulation of the parties.
-
October 26, 2022
Google Assistant Users Defend Class Certification In Privacy Lawsuit
SAN JOSE, Calif. — The three classes and two subclasses described in their July motion for class certification are “appropriately defined,” a group of Google Assistant (GA) users say in a reply brief filed in California federal court in a lawsuit alleging privacy violations from Google LLC’s purported interception and use of users’ private conversations without their knowledge.
-
October 25, 2022
Class Settlement Reached In Case Over COVID-19 Contact Tracing Data Breach
HARRISBURG, Pa. — An employment staffing company accused of failing to safeguard private health information (PHI) contained in Pennsylvania Department of Health (DOH) COVID-19 contact tracing lists and failing to timely notify those affected by the breach agreed to provide monetary payments for out-of-pocket expenses and two years of credit monitoring and credit restoration protections, according to a class settlement agreement presented to a federal court in Pennsylvania for preliminary approval.
-
October 25, 2022
2 More Wiretap Lawsuits Over Meta Pixel Related In California Federal Court
SAN FRANCISCO — With his most recent ruling, a California federal judge has related six lawsuits against Meta Platforms Inc. in which the plaintiffs claim that the operator of the Facebook social network uses its Pixel product to intercept the personal information of patients who use computers and other devices at hospitals and medical facilities (In re Meta Pixel Healthcare Litigation, No. 22-3580, N.D. Calif.).
-
October 24, 2022
Hospital Data Theft Plaintiffs Lack Standing, Judge Says, Remanding To State Court
TOPEKA, Kan. — Three plaintiffs who filed a putative class complaint in the wake of a hospital’s data breach lack standing to sue due to their failure to plead any concrete injuries-in-fact that can be traced to the incident, a Kansas federal judge found.
-
October 24, 2022
Arbitration Compelled In Suits Over Sporting Goods Sites’ Data Breach
LOS ANGELES — The arbitration provision within the terms of use (TOU) of three websites that were the targets of a 2021 data breach is valid and enforceable, a California federal judge ruled, granting the website operators’ motions to compel arbitration and dismissing the lawsuits against them.
-
October 21, 2022
In Revised Ruling, 3rd Circuit Maintains Pa. Wiretap Law Lacks Direct Party Exception
PHILADELPHIA — Reaffirming a two-month-old ruling over claimed interception of consumers’ data from the website of Harriet Carter Gifts Inc. by a marketing business partner, a Third Circuit U.S. Court of Appeals panel issued a revised opinion in a putative class action over what constitutes interception under a Pennsylvania wiretap statute, stressing the importance of a party’s consent in a determination of whether a third party can be found liable for interception.