Newsletter RSS

Mealey's Data Privacy

  • February 21, 2025

    Groups Sue To Stop DOGE Access Of Internal Revenue Service Records, Systems

    WASHINGTON, D.C. — A taxpayer rights nonprofit, a small business network and two labor unions teamed up to file a complaint in District of Columbia federal court against the Internal Revenue Service, the U.S. Department of the Treasury and the U.S. Department of Government Efficiency (DOGE) to prevent the access of the private information of millions of taxpayers and small business owners by DOGE from the IRS data systems.

  • February 21, 2025

    No Temporary Restraining Order For States In Suit Against Musk, Trump, DOGE

    WASHINGTON, D.C. — A group of states seeking to halt purportedly unconstitutional actions being taken by the U.S. Department of Government Efficiency (DOGE) and Elon Musk related to government agencies’ data systems and personnel were denied their request for a temporary restraining order (TRO) by a District of Columbia federal judge, who found that the states did “not carr[y] their burden of showing that they will suffer imminent, irreparable harm absent a” TRO.

  • February 20, 2025

    Judge Permits ‘Mass Opt-Out’ From Eavesdropping Class Action Against Google

    SAN JOSE, Calif. — A California federal magistrate judge on Oct. 18 resolved a two-year-old discovery dispute in a class action over Google LLC’s purported eavesdropping of users of its Google Assistant (GA) app, reducing the number of user query samples the defendant must provide to the plaintiffs in light of a subsequent ruling certifying only a single class claim for unfair competition.

  • February 20, 2025

    5 Federal Workers’ Class Suit Alleges Info Access Is Largest Breach Since Watergate

    WASHINGTON, D.C. — Federal officials’ decision to allow individuals from outside the U.S. government to access the “personal sensitive information” (PSI) of millions of federal workers “is the biggest breach of American trust by political actors since Watergate,” five federal employees allege in a class complaint filed in a federal court in the District of Columbia.

  • February 19, 2025

    Media Tech Insurer, Financial Services Firm Settle Data Breach Coverage Dispute

    SEATTLE — A media tech insurer that filed suit and its financial services firm insured filed a notice in a Washington federal court indicating they have settled the insurer’s lawsuit seeking a declaration that it has no duty to defend or indemnify the insured for a bank’s indemnification demand for a data breach incident and a related subrogation lawsuit brought by the bank’s insurer.

  • February 18, 2025

    Excess Insurer Appeals Ruling In BIPA Violation Coverage Dispute

    CHICAGO — An excess insurer filed a notice indicating that it is appealing an Illinois federal court’s ruling granting in part and denying in part cross-motions for summary judgment in a franchisee of the Burger King chain’s breach of contract lawsuit seeking a declaration that the insurer has a duty to defend against an underlying putative class lawsuit alleging that the insured violated the Illinois Biometric Information Protection Act (BIPA).

  • February 18, 2025

    TRO Denied In Federal Workers’ Privacy Suit Over OPM ‘Test’ Emails

    WASHINGTON, D.C. — Federal workers suing under pseudonyms who accuse the Office of Personnel Management (OPM) of failing to conduct and publish a privacy impact assessment (PIA) before allegedly sending out “test” emails the workers claim are being used to collect information on them failed to show “that they are likely to incur some irreparable injury” without a temporary restraining order (TRO), a federal judge in the District of Columbia ruled Feb. 17, denying a renewed TRO motion in the putative class case.

  • February 18, 2025

    Class Action Alleges Allstate Collected, Sold Data Without Plaintiffs’ Consent

    CHICAGO — A class action complaint filed in Illinois federal court alleges that The Allstate Corp. and its subsidiaries collected and sold the plaintiffs’ personal data and “‘trillions of miles’ worth of ‘driving behavior’” data without their consent.

  • February 18, 2025

    Minor Surveilled In Hospital Had Reasonable Expectation Of Privacy, Judge Rules

    SAN DIEGO — Finding that a hospital patient had a reasonable expectation to not be subjected to 24-hour surveillance in her hospital room, a California federal judge delivered a mixed-bag ruling to the hospital and other parties seeking dismissal of a complaint alleging privacy and civil rights violation, with many of the defendants being dismissed for failure to specify how they contributed to the claimed acts.

  • February 14, 2025

    Class Complaint Alleges Computer Fraud, Privacy Violations By Musk, Agencies

    WASHINGTON, D.C. — Six U.S. citizens filed a putative class complaint in District of Columbia federal court over purported privacy violations by the access to government systems and citizens’ personal data given to Elon Musk and the Department of Government Efficiency (DOGE).

  • February 14, 2025

    9th Circuit Rejects Appeal Of $725 Million Facebook Data-Sharing Suit Settlement

    SAN FRANCISCO — More than a year after a trial court approved the $725 million settlement of a consolidated class action over the 2015 sharing of Facebook users’ profiles with Cambridge Analytica, a Ninth Circuit U.S. Court of Appeals panel on Feb. 13 affirmed the approval over an appeal of the settlement and attorney fees amounts by two class members.

  • February 14, 2025

    14 States Sue Musk, Trump Alleging DOGE Violates Appointments Clause

    WASHINGTON, D.C. — Comparing Elon Musk’s recent actions, accessing of sensitive data from federal agencies’ computer systems, to “the abuses of an 18th century monarch,” a group of 14 U.S. states filed a complaint on Feb. 13 in a District of Columbia federal court, claiming that the free reign given to Musk and the U.S. Department of Government Efficiency (DOGE) violates the appointments clause of the U.S. Constitution.

  • February 13, 2025

    Preliminary Approval Given To $95 Million Settlement Of Siri Eavesdropping Suit

    OAKLAND, Calif. — A class action accusing Apple Inc. of collecting unauthorized recordings of Apple device users via its digital assistant Siri moved closer to resolution, with a California federal judge granting preliminary approval to a proposed $95 million settlement of the 5-1/2-year-old lawsuit.

  • February 13, 2025

    Labor Groups, Veterans Sue Federal Agencies Over DOGE Access To Private Info

    GREENBELT, Md. — A group of four labor organizations and six individuals who served in the U.S. armed forces filed a complaint against three federal agencies in Maryland federal court, contending that the access to federal files and systems granted to the recently formed Department of Government Efficiency (DOGE), including “Elon Musk and a cadre of loyalists,” runs counter to the protections of the Privacy Act and violates the Administrative Procedure Act (APA).

  • February 12, 2025

    Precious Metals Company Data Breach Class Claims Dismissed By Plaintiff

    DALLAS — A putative class action plaintiff filed a notice of voluntary dismissal in Texas federal court of his lawsuit accusing a Texas-based precious metals refiner of violating California’s unfair competition law (UCL) and other consumer protection laws by failing to take cybersecurity measures to stop a data breach that allowed access to the personally identifiable information (PII) of himself and class members.

  • February 12, 2025

    Fortra Data Breach MDL Judge OK’s 1 Settlement, Stays Case For Global Settlement

    MIAMI — The Florida federal judge overseeing the multidistrict litigation over a 2023 software app data breach granted final approval to the settlement of one of the MDL’s tracks on Feb. 11, while staying proceedings for the remaining parties while details of an announced global settlement are finalized.

  • February 12, 2025

    Group: DOGE Access Of OPM Treasury Data Is Largest ‘Data Breach In U.S. History’

    ALEXANDRIA, Va. — In a complaint filed in Virginia federal court, the Electronic Privacy Information Center (EPIC) faults the U.S. Department of Personnel Management (OPM) and the Department of the Treasury for allowing “the unlawful misuse of critical data systems” by the newly formed Department of Government Efficiency (DOGE).

  • July 22, 2024

    Claims Trimmed From Remanded Crypto Wallet Data Breach Suit

    SAN FRANCISCO — A cryptocurrency wallet firm and two of its business partners saw their motions to dismiss a suit over a 2020 data breach partly granted, as a California federal judge found some claims to be preempted by a forum selection clause and others to be insufficiently pleaded.

  • February 12, 2025

    Judge Dismisses Contractor, Allows Only UCL Claim In Crypto Wallet Data Breach Row

    SAN FRANCISCO — A California federal judge granted a subcontractors’ motion to dismiss claims against it related to a crypto wallet data breach incident after finding the claims fall under a forum selection clause requiring exclusive jurisdiction in France despite it being a nonsignatory to the contract, but declined to dismiss the plaintiffs’ putative class claim accusing the French parent company of violating California’s unfair competition law (UCL).

  • February 11, 2025

    Federal Worker Union Files 2 Complaints Over CFPB Halted Work, Data Access

    WASHINGTON, D.C. — The National Treasury Employees Union (NTEU) filed two complaints in a federal court in the District of Columbia against the Consumer Financial Protection Bureau (CFPB) acting director, one seeking to halt the access to CFPB systems, including employee information, for members of the Department of Government Efficiency (DOGE) and one challenging the directive for CFPB employees to stop their supervision and enforcement work.

  • February 11, 2025

    United States To High Court: Health Center Data Security Not ‘Related Function’

    WASHINGTON, D.C. — The Fourth Circuit U.S. Court of Appeals correctly found that a federally funded community health center (CHC) is not entitled to immunity from a lawsuit over a data breach, the United States asserted in a brief opposing a South Carolina CHC’s petition for certiorari, because action taken to safeguard patients’ data is not a “related function” to its primary health care duties.

  • February 10, 2025

    Trump, Treasury Oppose TRO Halting Expanded Access To Federal Funds Recipients’ Info

    NEW YORK — President Donald J. Trump and the Treasury Department filed an emergency motion on Feb. 10 seeking to “dissolve, clarify, or modify” an ex parte temporary restraining order (TRO) that a New York federal judge issued in the wee hours of Feb. 8 that halts the implementation of a new policy that would expand access to the payment systems of the Treasury’s Bureau of Fiscal Services (BFS) from just the bureau’s employees to newly appointed special government employees (SGEs).

  • February 10, 2025

    Class Suit Alleges 2 Genders-Only Passport Policy Violates U.S. Constitution

    BOSTON — The removal of the option to designate “X” on passports for those individuals who do not identify as female or male or who wish to keep a specified gender off their passport in response to a Jan. 20 executive order (EO) violates the U.S. Constitution, seven U.S. citizens allege in a putative class complaint filed Feb. 7 in a federal court in Massachusetts.

  • February 10, 2025

    TRO Request Denied In Suit Seeking To Halt DOGE’s Access To DOL’s Private Info

    WASHINGTON, D.C. — A federal judge in the District of Columbia in a Feb. 7 memorandum opinion and order expressed “concerns” about the alleged access to nonpublic U.S. Department of Labor (DOL) information and data being provided to personnel from the newly formed Department of Government Efficiency (DOGE), but denied a motion for a temporary restraining order (TRO) filed by five unions and one nonprofit think tank for failure to establish standing.

  • February 10, 2025

    TRO Ruling Deferred After Government Agrees Not To ID FBI Workers On Trump Cases

    WASHINGTON, D.C. — The federal government will not publicly release the identities of Federal Bureau of Investigation workers involved in investigating two events involving President Donald J. Trump at least until after ruling is issued on anticipated motions for a preliminary injunction in two cases seeking to stop such disclosures, according to a consent decree signed by a federal judge in the District of Columbia on Feb. 7.