Newsletter RSS

Mealey's Data Privacy

  • July 28, 2023

    Magistrate Rules Against Insurer in Coverage Dispute Over BIPA Violations

    CHICAGO — A federal magistrate judge in Illinois on July 27 denied an insurer’s motion for judgment on the pleadings in its lawsuit disputing coverage for an underlying class action alleging that its insured violated the Biometric Information Privacy Act (BIPA), concluding that neither the ejusdem generis or noscitur a sociis canon resolves an ambiguity in the policy’s “recording and distribution,” “access or disclosure” and “employment-related practices” exclusions and that the exclusions’ plain text is so broad that they “would eliminate statutory claims for the ‘personal and advertising injury’” the policies allege to cover elsewhere.

  • July 27, 2023

    Contract, Eavesdropping Claims Survive In Data-Sharing Suit Against Hospital

    CHICAGO — Although an Illinois federal judge dismissed most of the putative class claims related to a health care company’s sharing of patient information with Meta Platforms Inc. and Google LLC via a web beacon, he found that claims for breach of contract and eavesdropping were sufficiently pleaded to survive a dismissal motion.

  • July 27, 2023

    Class Claims Over Website Tracking Dismissed For Lack Of Jurisdiction

    SAN DIEGO — A wellness website user who brought a putative class complaint alleging that her and other users’ interactions on the site are recorded and replayed in violation of California privacy laws failed to show that a federal court in California has subject matter jurisdiction or general or specific personal jurisdiction over the website operator, a federal judge ruled, granting dismissal with leave to amend.

  • July 26, 2023

    Appeal Of OPM Data Breach Settlement Dismissed For Lack Of Objection, Prejudice

    WASHINGTON, D.C. — A District of Columbia Circuit U.S. Court of Appeals panel unanimously dismissed an appeal of the October 2022 final approval that settled the eight-year old class action over a 2015 data breach experienced by the U.S. Office of Personnel Management (OPM), finding that the appellant did not establish that she is a class member bound by the settlement or that “she has been stripped of a legal claim or otherwise been prejudiced by the order.”

  • July 25, 2023

    Covington Must Disclose Some Clients’ Names To SEC In Response To Subpoena

    WASHINGTON, D.C. — The Securities and Exchange Commission is entitled to have access to the names of certain clients of Covington & Burling LLP whose material nonpublic information (MNPI) was accessed during a cyberattack, a District of Columbia federal judge ruled July 24, partly granting the SEC’s motion to enforce the subpoena, while trimming the number of clients from a list of 298 to just seven that were deemed relevant to the commission’s investigation.

  • July 25, 2023

    $350 Million Settlement Of T-Mobile Data Breach Suit Receives Final Approval

    KANSAS CITY, Mo. — One year after he preliminarily approved settlement of a multidistrict litigation over a 2021 data breach experienced by T-Mobile US Inc. and T-Mobile USA Inc. (T-Mobile, collectively), a Missouri federal judge granted final approval, finding that the agreement satisfied the requirements of Federal Rule of Civil Procedure 23(e).

  • July 21, 2023

    2 Facebook Users Oppose Final Approval Of $725M Profile-Sharing Suit

    SAN FRANCISCO — Two class members in the consolidated class action over the sharing of Facebook users’ personally identifiable information (PII) with Cambridge Analytica filed an objection in California federal court to the preliminarily approved settlement, calling the proposed $725 million settlement amount “an unjustifiable 99.9% discount of available statutory damages” that “is neither fair, reasonable nor adequate.”

  • July 21, 2023

    Judge Approves $25 Million Settlement Of FTC’s Child Privacy Claims Against Amazon

    SEATTLE — A Washington federal judge approved a $25 million stipulated order between the Federal Trade Commission and Amazon.com Inc., settling the commission’s claims of privacy violations by the online retailer’s collection of children’s voice recordings and transcripts via Amazon’s Alexa digital assistant.

  • July 20, 2023

    Illinois High Court Denies White Castle Rehearing In BIPA Fingerprint Scan Suit

    SPRINGFIELD, Ill. — An Illinois Supreme Court majority ruling that individual fingerprint scans constitute separate, actionable events under the state’s Biometric Information Privacy Act (BIPA) will stand, with the majority denying White Castle System Inc.’s petition for rehearing.

  • July 18, 2023

    Biometric Data Collection Class Claims Against Dating App Survive Dismissal Motion

    CHICAGO — A federal judge in Illinois denied a motion filed by the companies associated with the operation of an online dating application to dismiss a putative class complaint alleging violation of the Illinois Biometric Information Privacy Act (BIPA) by collecting, storing and using users’ data, finding that the lead plaintiff sufficiently showed that the court has specific personal jurisdiction over the case based on the defendants’ activities directed at Illinois.

  • July 17, 2023

    9th Circuit Won’t Reconsider Whether COPPA Preempts Children’s Privacy Suit

    SEATTLE — A Ninth Circuit U.S. Court of Appeals panel opted not to disturb its finding that the Children’s Online Privacy Protection Act (COPPA) does not expressly preempt state law privacy, unfair competition and consumer protection claims, denying a petition by Google LLC and several children’s YouTube channel operators to rehear an appeal of a dispute over the companies’ purported collection of children’s personally identifiable information (PII).

  • July 13, 2023

    Customer, McDonald’s: AI Voiceprint Class Lawsuit Dismissed With Prejudice

    CHICAGO — McDonald’s Corp. and a customer who alleged in a putative class lawsuit that the franchisor violates the Illinois Biometric Information Privacy Act (BIPA) by collecting voiceprints to place drive-through orders filed a stipulation of dismissal on July 12 in a federal court in Illinois.

  • July 13, 2023

    7th Circuit:  Patient Lacks Standing To Sue For Health Data Sharing With Google

    CHICAGO — Affirming the dismissal of an Illinois man’s putative privacy and contractual class claims over a hospital’s health data-sharing agreement with Google LLC in conjunction with a joint artificial intelligence research venture, a Seventh Circuit U.S. Court of Appeals panel found that the one-time patient failed to plead any concrete harm to establish his standing to sue under Article III of the U.S. Constitution.

  • July 13, 2023

    Google Accused Of Stealing Data From Gmail Accounts To Train AI Chatbot

    SAN FRANCISCO — Eight anonymous plaintiffs filed a putative class action accusing Alphabet Inc., Google LLC and their AI subsidiary of violating California’s unfair competition law (UCL), copyright law and privacy laws by “stealing everything ever created and shared on the internet by hundreds of millions of Americans,” including the plaintiffs’ private data contained in their private Google email accounts, to train their AI chatbot.

  • July 13, 2023

    Mesothelioma Plaintiff Opposes Blood Draw, Genetic Testing

    LOS ANGELES — Plaintiffs in a mesothelioma case urged a California court to deny a motion seeking a blood draw for genetic testing, saying the court should reject the motion on procedural grounds and that the defendants overstate the role of a BAP1 genetic mutation.

  • July 07, 2023

    9th Circuit Finds Oregon’s Ban On Secret Recordings Violates 1st Amendment

    PASADENA, Calif. — An Oregon law that prohibits the unannounced recording of most conversations is a content-based restriction on speech that runs afoul of the First Amendment to the U.S. Constitution, a Ninth Circuit U.S. Court of Appeals panel majority found, reversing a trial court’s dismissal of two media organizations’ claims of free speech violations and deeming the statute to be invalid on its face.

  • July 06, 2023

    Plaintiffs: Google’s Own AI Warns Against Its Health Data Practices

    SAN JOSE, Calif. — Google LLC’s artificial intelligence supports the conclusion that websites governed by California or federal health privacy law should not use the company’s analytics platform, anonymous plaintiffs who claim that the company unlawfully tracked, collected and monetized private health information allege in a first amended complaint that includes claims under the California unfair competition law (UCL).

  • July 03, 2023

    Federal Judge Clears Way For Privacy Class Suit Against America’s Test Kitchen

    BOSTON — A federal judge in Massachusetts on June 30 declined to compel arbitration of or dismiss a Video Privacy Protection Act (VPPA) putative class complaint accusing a recipe website of sharing subscribers’ data with a third party without consent, finding that the notice of an arbitration agreement was insufficient and the subscriber showed standing as well factual issues that must be resolved, deeming dismissal “inappropriate at this stage.”

  • June 29, 2023

    AI Chatbot Companies Accused Of Stealing Millions Of Users’ Data In Class Suit

    SAN FRANCISCO — Sixteen anonymous plaintiffs on June 28 filed a putative class action against companies that created ChatGPT and other AI chatbots, including Microsoft Corp., accusing them of violating federal privacy laws and state consumer protection laws, including California’s unfair competition law (UCL), by collecting “sensitive information from millions of individuals” to train their chatbots.

  • June 29, 2023

    Panel Rejects Insurer’s Appeal In Subrogation Suit Arising From CIPA Settlement

    SAN FRANCISCO — A California appeals panel on June 28 affirmed a lower court’s grant of summary judgment in favor of defendants in an insurer’s subrogation lawsuit seeking to recover defense and settlement costs that it paid in an underlying class action alleging its insured violated the California Invasion of Privacy Act (CIPA), concluding that the defendants had no indemnification obligation because the insured failed to give them control over the defense and settlement of the class action.

  • June 26, 2023

    Consolidated Class Suit Alleges Voice ID AI Software Violates Calif. Privacy Act

    OAKLAND, Calif. — Three California citizens filed a consolidated class complaint in a federal court in their state accusing a software company of multiple privacy violations in connection with its artificial intelligence (AI) software that permits companies to authenticate customers’ identifies with their voice.

  • June 22, 2023

    Revised $23 Million Agreement In Google Referrer Header Privacy Row Initially OK’d

    SAN JOSE, Calif. — Eight years after approving a previous settlement in a decade-old consolidated Stored Communications Act (SCA) class action against Google LLC, a California federal judge preliminarily approved a newly negotiated settlement that focuses on direct relief to consumers rather than to cy pres recipients, which had led to objections and a U.S. Supreme Court appeal of the first settlement.

  • June 22, 2023

    Insureds:  Class Certification Merited For Contract Claim Over 2014 Data Breach

    WASHINGTON, D.C. — In a reply brief supporting their renewed motion for class certification, plaintiff policyholders whose personally identifiable information (PII) was stolen in a 2014 data breach tell a District of Columbia federal court that their breach of contract claim against their insurer satisfies all class treatment requirements of Article III of the U.S. Constitution and Federal Rule of Civil Procedure 23(a).

  • June 21, 2023

    Dismissal Motion Hearing Date Set In Privacy, UCL Class Suit Over Meta’s Data Tracking

    SAN FRANCISCO — Approving a stipulation by Meta Platforms Inc. and the plaintiffs who sued it for alleged violations of the Computer Fraud and Abuse Act (CFAA) and California’s unfair competition law (UCL), a California federal judge rescheduled a hearing for Meta’s dismissal motion for the third time, this time setting it for Aug. 17.

  • June 20, 2023

    Google, Device Users Request More Time To Finalize Location-Tracking Privacy Suit

    SAN JOSE, Calif. — A month and a half after Google LLC and the lead plaintiffs in a putative privacy class action over purported location tracking of their devices announced that they had reached a settlement, the parties filed a joint statement informing a California federal court that finalization of the agreement “has taken longer than anticipated,” thus prompting them to ask the court for additional time to do so.

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.