Newsletter RSS

Mealey's Data Privacy

  • March 27, 2025

    Illinois High Court Refuses To Disturb Ruling That Exclusion Bars BIPA Suit

    CHICAGO— The Illinois Supreme Court on March 26 denied an insured’s petition for leave to appeal an appeals court’s ruling that insurers have no duty to defend it against an underlying class action lawsuit alleging that it violated the Illinois Biometric Information Privacy Act (BIPA) because the policies’ “Recording and Distribution” exclusion barred coverage.

  • March 27, 2025

    D.C. Circuit Stays Discovery In States’ Constitutional Challenge To DOGE

    WASHINGTON, D.C. — The District of Columbia Circuit U.S. Court of Appeals on March 26 granted an emergency motion, filed by President Donald J. Trump, his “senior advisor” Elon Musk and the U.S. Department of Government Efficiency (DOGE), to stay a trial court’s discovery order that permitted a group of states that sued over purported constitutional violations in the creation of DOGE to conduct expedited discovery into the department’s leadership and past and future actions.

  • March 27, 2025

    $525,000 Settlement Of Philadelphia Inquirer Data Breach Suit Gets Final OK

    PHILADELPHIA — Five months after preliminarily approving a $525,000 settlement of privacy and negligence class claims over a 2023 data breach experienced by the Philadelphia Inquirer LLC, a Pennsylvania federal judge granted a motion for final approval of the settlement.

  • March 26, 2025

    Seal Motions Granted In Computer Fraud Row Between Spyware Firm And WhatsApp

    OAKLAND, Calif. — A California federal judge granted in part and denied in part motions to seal in WhatsApp’s suit against a spyware firm related to the firm’s alleged computer fraud, granting WhatsApp’s motion as to some requests because the “redactions are sufficiently narrow” and granting some of the spyware firm’s requests to seal regarding “limited redactions.”

  • March 26, 2025

    Plaintiffs Oppose Stay Of DOGE Injunction During Agencies’ 4th Circuit Appeal

    GREENBELT, Md. — The same day that the U.S. Office of Personnel Management (OPM), the U.S. Department of Education (DOE) and the U.S. Department of Treasury announced that they were appealing a Maryland federal judge’s imposition of a preliminary injunction halting their sharing of individuals’ personally identifiable information (PII) with the U.S. Department of Government Efficiency (DOGE), the plaintiff labor unions and veterans filed their opposition to a motion to stay the injunction, which the defendants filed concurrently with their appeal notice.

  • March 25, 2025

    Judge Approves Settlement Of Consolidated Privacy Suit Over Photo Database

    CHICAGO — An Illinois federal judge granted final approval to a settlement of claims against the creator and curator of a massive digital photo database under the Illinois Biometric Information Privacy Act (BIPA), finding that the settlement fund being based on the startup company’s equity is appropriate given the defendant’s “precarious” financial situation.

  • March 21, 2025

    Union, Groups Granted TRO In Suit Seeking To Stop DOGE Access To SSA Systems

    BALTIMORE — A federal judge in Maryland on March 20 granted a temporary restraining order (TRO) halting access to Social Security Administration (SSA) data for anonymous individuals associated with the Department of Government Efficiency (DOGE) while calling the individuals’ actions “a fishing expedition” and stating that the federal government has not “identified or articulated even a single reason for which the DOGE Team needs unlimited access to SSA’s entire record systems, thereby exposing personal, confidential, sensitive, and private information that millions of Americans entrusted to their government.”

  • March 21, 2025

    Expedited Discovery Order Reaffirmed In Union’s Suit Over DOGE Access To DOL

    WASHINGTON, D.C. — A federal judge in Washington, D.C., denied reconsideration of a limited expedited discovery order in a lawsuit by labor unions and nonprofits challenging access to U.S. Department of Labor (DOL) records by personnel from U.S. Digital Service and the U.S. DOGE Service Temporary Organization (together, DOGE) and granted an amended motion for expedited discovery filed by the plaintiffs, opining that new evidence that the DOGE personnel are now also employed by the DOL “presents further reason that [DOGE’s] reporting structure needs clarifying.”

  • March 20, 2025

    Wiretapping, Chatbot Class Suit Against Kroger Tossed As Lacking ‘Plausible’ Claim

    LOS ANGELES — A California federal judge dismissed a putative class action suit against The Kroger Co., a U.S.-based company that operates retail grocery stores, for alleged violations of California’s wiretapping statute by using third-party software to purportedly eavesdrop on chat-based conversations on Kroger’s website, finding that the plaintiff’s “allegations do not render plausible her claim of violation” of the wiretapping statute.

  • March 20, 2025

    NBA Asks Supreme Court To Decide If VPPA Harm Requires Public Disclosure

    WASHINGTON, D.C. — Appealing a ruling by the Second Circuit U.S. Court of Appeals that revived a putative class claim against it for violation of the Video Privacy Protection Act of 1988 (VPPA), the National Basketball Association (NBA), in a petition for certiorari, asks the U.S. Supreme Court to clarify the standards for when a plaintiff has standing to bring a VPPA claim.

  • March 20, 2025

    Judge In Snowflake MDL Won’t Disqualify Counsel For AT&T In Separate Privacy MDL

    BUTTE, Mont. — The co-lead counsel in a multidistrict litigation over data breaches experienced by a data storage firm “had an ethical duty” to inform him of a potential conflict of interest with another attorney representing plaintiffs against AT&T Inc., a Montana federal judge said; however, in light of procedural and court-ordered safeguards, he declined to disqualify the attorney, who is also representing plaintiffs in another MDL over a different data breach also involving AT&T.

  • March 19, 2025

    Biometric Privacy Claims Over Neutrogena Online Skin Analysis To Proceed

    TRENTON, N.J. — Johnson & Johnson Consumer Inc. (J&J) must face putative claims under the Illinois Biometric Information Privacy Act (BIPA), a New Jersey federal judge held, denying the company’s second dismissal motion centering on its online Neutrogena Skin360 skin assessment product.

  • March 18, 2025

    VPPA Claim Over Videos On Scientific American’s Website May Proceed, Judge Rules

    NEW YORK — A Florida man has sufficiently alleged that the owner of Scientific American (SA) violated the Video Protection Privacy Act of 1988 (VPPA) by disclosing videos that he watched on the publication’s website by collecting and sharing users’ personally identifiable information (PII) via Meta Platforms Inc.’s pixel tool, a New York federal judge ruled, denying the defendant’s motion to dismiss the putative class complaint.

  • March 17, 2025

    Ex-Employee’s Suit Over Food Wholesaler’s Data Breach Dismissed For Lack Of Injury

    TOPEKA, Kan. — An Oklahoma man’s putative class complaint over a 2023 data breach experienced by his former employer was dismissed without prejudice by a Kansas federal judge, who found that the plaintiff lacked standing to bring negligence and privacy claims, among others, for failing to allege that his personally identifiable information (PII) was actually misused after it was stolen in the breach.

  • March 17, 2025

    South Dakota Asks Supreme Court To Reject ‘Purse Exception’ To Vehicle Searches

    WASHINGTON, D.C. — In a March 12 brief, South Dakota argues that the U.S. Supreme Court should reject a petition for certiorari from a woman convicted for drug possession based on evidence obtained from the search of her purse after a traffic stop, stating that, per relevant precedent, “a vehicle search extends to a purse provided there is reason to believe it contains evidence relevant to the offense of the arrest of an occupant of a vehicle.”

  • March 17, 2025

    Judge Grants Hunter Biden's Request To Drop Lawsuit Over Laptop Files

    SAN FRANCISCO — A California federal judge granted Hunter Biden’s ex parte application for an order of voluntary dismissal of his lawsuit against a conservative activist and his organization for violating computer fraud laws and California’s unfair competition law (UCL) by posting data from Biden’s private laptop online, but citing defense claims of “legal prejudice” and the timing of the filing entered dismissal with prejudice instead of without as Biden had requested.

  • March 17, 2025

    Injunction Granted In 1st Amendment Challenge To Children’s Online Privacy Act

    SAN FRANCISCO — A California federal judge again granted a motion for a preliminary injunction enjoining the enforcement of the California Age-Appropriate Design Code Act (CAADCA) in a suit filed by a trade association of online businesses challenging the CAADCA, which was enacted to provide online privacy protections for children under 18, finding that the association “is likely to prevail on its claim of facial invalidity” regarding the act’s requirement for businesses to enforce their “content policies” and “community standards.”

  • March 14, 2025

    New York Alleges Insurers Violated State Data Breach Notification Laws

    NEW YORK — The people of New York sued insurers in a New York court alleging that they violated state data breach notification laws by failing to alert impacted New Yorkers or state agencies of a data breach in which drivers’ license numbers of close to 200,000 consumers were exposed to attackers.

  • March 13, 2025

    Judge Allows States Discovery Into DOGE’s, Musk’s Authority In Firings, Data Access

    WASHINGTON, D.C. — Fourteen states that sued over purported violations of the appointments clause of the U.S. Constitution were given the opportunity to take expedited discovery on actions taken by the Department of Government Efficiency (DOGE), its personnel and Elon Musk, with a District of Columbia federal judge on March 12 finding that their discovery requests were, largely, narrowly tailored and pertinent to their forthcoming preliminary injunction motion.

  • March 13, 2025

    DOL, DOGE, Others Ask Court To Rethink Expedited Discovery In Unions’ APA Suit

    WASHINGTON, D.C. — The Department of Labor (DOL), the Department of Health and Human Services (DHHS), the Consumer Financial Protection Bureau (CFPB) and other parties accused of improperly providing access to citizens’ confidential information to the Department of Government Efficiency (DOGE) filed a motion asking a District of Columbia federal judge to reconsider his recent grant of expedited discovery to the plaintiff labor unions and nonprofits, asserting that changes to the “factual predicates” have “obviate[d] the need” for such discovery.

  • March 13, 2025

    Appeals Court Revives 2 Data Practices Claims Against Minnesota DHS

    ST. PAUL, Minn. — Although a Minnesota Appeals Court panel largely affirmed dismissal of data practices claims against the Minnesota Department of Human Services (DHS) and a vendor brought by four residents of a sex offender facility, the panel found that the plaintiffs sufficiently pleaded two claims related to the sharing of personal data without authorization and having insufficient safeguards for that data prior to contracting with the vendor.

  • March 12, 2025

    Immigrant Organizations Seek To Halt DHS, ICE From Accessing IRS Records

    WASHINGTON, D.C. — Filing a complaint in District of Columbia federal court on behalf of their members, two Chicago-area immigrant rights organizations seek a declaration that the Internal Revenue Service is not permitted to provide taxpayer information, including the information of immigrants, to the Department of Homeland Security (DHS) and U.S. Immigration and Customs Enforcement (ICE) for use in immigration enforcement actions in compliance with recent executive orders (EOs) of President Donald J. Trump.

  • March 11, 2025

    Expedited Discovery, Dismissal Sought In States’ Suit To Halt DOGE’s Actions

    WASHINGTON, D.C. — Elon Musk, President Donald J. Trump and the U.S. Department of Government Efficiency (DOGE) moved in District of Columbia federal court to dismiss a lawsuit brought by a group of 14 states opposing Musk’s involvement in DOGE’s activities, asserting that because Musk is an adviser, not an officer of the United States, the plaintiffs’ claim under the appointments clause of the U.S. Constitution is doomed.

  • March 10, 2025

    No Injunction For Unions, Group To Stop DOGE Access To Treasury Data

    WASHINGTON, D.C. — Two labor unions and an advocacy group that sued to stop the Department of the Treasury and the Bureau of the Fiscal Service (BFS) from allowing members of the newly formed Department of Government Efficiency (DOGE) to access BFS records saw their motion for a preliminary injunction denied March 7, with a District of Columbia federal judge concluding that they had not established a “likelihood of an irreparable injury that is ‘beyond remediation.’”

  • March 07, 2025

    Privacy, Biometric Claims Over CapCot Video-Editing App Survive Dismissal

    CHICAGO — An Illinois federal judge largely granted a motion by ByteDance Inc. to dismiss putative class claims over the purported collection of personal data from users of its CapCot video-editing app, finding that a group of the app’s users did not establish claims for unfair competition, unjust enrichment and violation of several federal and California state privacy laws.