Mealey's Data Privacy
-
January 04, 2023
9th Circuit: State Privacy Claims Against Google Not Preempted By COPPA
SEATTLE — Reversing a trial court’s dismissal of a group of minors’ privacy and unfair competition claims against Google LLC, a Ninth Circuit U.S. Court of Appeals panel found that the Children’s Online Privacy Protection Act (COPPA) does not preempt the state law claims over the purported collection of children’s personally identifiable information (PII) on YouTube.
-
January 03, 2023
Psychologist, Professor Urge High Court To Construe Identity Theft Law Narrowly
WASHINGTON, D.C. — Four days after a psychologist filed his petitioner merits brief in the U.S. Supreme Court championing a narrow construction of the federal aggravated identity theft statute under which he was convicted, a law professor filed an amicus curiae brief supporting the petitioner, encouraging the high court to avoid the vagueness that he says the Fifth Circuit U.S. Court of Appeals employed in its affirmance of the petitioner’s conviction.
-
December 23, 2022
Digital Privacy Class Suit Against Gannett Survives Dismissal Motion
WORCESTER, Mass. — A federal judge in Massachusetts denied a motion by Gannett Co. Inc. to dismiss a putative class complaint alleging that it violated the Video Privacy Protection Act (VPPA) by sharing USA Today digital subscribers’ personally identifiable information (PII) with Facebook, finding that a violation was “plausibly plead[ed].”
-
December 22, 2022
Supreme Court Told Internet Subscriber Info Protected By 4th Amendment
WASHINGTON, D.C. — A man who was convicted of possessing child pornography argues in a petition for certiorari that law enforcement improperly conducted a warrantless search of his internet subscriber information, in which he has a reasonable expectation of privacy, asking the U.S. Supreme Court to find that such information enjoys protection under the Fourth Amendment to the U.S. Constitution.
-
December 22, 2022
$3 Million Fees Award In Wawa Data Breach Suit Debated In 3rd Circuit
PHILADELPHIA — A lone objector to the settlement between Wawa Inc. and a consumer class over a 2019 data breach takes issue with a $3 million attorney fees award, asserting in his reply brief in the Third Circuit U.S. Court of Appeals that it was not assessed “in economic reality.”
-
December 21, 2022
FTC, Epic Games Agree To $275 Million Settlement Of Child Privacy Violations
FAYETTEVILLE, N.C. — The same day the Federal Trade Commission filed a complaint over violations of the Children’s Online Privacy Protection Act of 1998 (COPPA) by Epic Games Inc. in its popular online game Fortnite, the commission moved in North Carolina federal court for entry of a stipulated order in which Epic agreed to injunctive relief and a penalty of $275 million to settle the claims against it.
-
December 21, 2022
Twitter Ex-Employee’s Wire Fraud Sentence Based On Gain, Judge Explains
SAN FRANCISCO — Following a denial of post-verdict motions, sentencing memoranda by both parties and a sentencing hearing, a California federal judge issued an order explaining why he considered gain in sentencing a former Twitter Inc. employee to 42 months’ imprisonment for sharing private user information with the Saudi Arabian government.
-
December 16, 2022
Judge Rejects $37.5 Million Settlement Of Facebook Location Tracking Suit
SAN FRANCISCO — After a preliminary approval hearing was held Dec. 15 for a proposed $37.5 million settlement of a privacy class action over the surreptitious location tracking by Meta Platforms Inc. (formerly Facebook Inc.) of users of the social network, a California federal judge issued a minute entry detailing why he was declining to approve the agreement in its present form.
-
December 13, 2022
Biometric Information Class Suit Over CVS Photo System Tossed By Federal Judge
CHICAGO — Consumers’ putative class claims under the Illinois Biometric Information Privacy Act (BIPA) over a pharmacy chain’s photo system for passport and identification photos were dismissed by a federal judge in Illinois, who found that some of the claims failed to sufficiently allege that the chain could use the biometric data to determine individual’s identifies while others belonged in state court.
-
December 12, 2022
WhatsApp To High Court: Government’s Brief Bolsters Cert Denial In Spyware Row
WASHINGTON, D.C. — In a supplemental brief, WhatsApp Inc. again encourages the U.S. Supreme Court to deny a spyware maker’s petition for certiorari in a dispute over sovereign immunity under the Foreign Sovereign Immunities Act (FSIA), arguing that the solicitor general’s (SG’s) recently filed amicus curiae brief supports this position.
-
December 09, 2022
2nd Circuit: Collection Of Traveler COVID Information Is Moot But Its Use Is Not
NEW YORK — In a case in which a New Jersey state resident challenged the state of New York’s authority to perform health screening for contact tracing purposes when the resident flew into an airport in New York after traveling abroad, a panel of the Second Circuit U.S. Court of Appeals dismissed the traveler’s appeal in part as moot but vacated a New York federal court’s judgment of dismissal with prejudice and remanded the case with instructions to enter a judgment of dismissal without prejudice, finding that the traveler’s request that the state not use the personal information collected in connection with a health screening was not moot and had failed only due to a lack of standing.
-
December 09, 2022
Magistrate: Chicago Should Remain In Marriott Data Breach MDL For Discovery
GREENBELT, Md. — Because the claims brought by Chicago against Marriott International Inc. related to a massive data breach are identical to those alleged by a consumer track, a Maryland federal magistrate judge recommended that the city’s request to be transferred out of the multidistrict litigation over the matter be denied, citing the likelihood of duplicative discovery if such a transfer occurred.
-
December 08, 2022
Client Sues Cloud Computing Company For Negligence After Recent Security Incident
SAN ANTONIO — Less than a week after a cloud computing company experienced a data breach, one of its clients filed a putative class action in Texas federal court, alleging negligence and breach of implied contract for the firm’s failure to keep its clients’ personally identifiable information (PII) safe.
-
December 08, 2022
Negligence, Privacy Class Suit Filed Over Stalking Use Of Apple’s AirTags
SAN JOSE, Calif. — Apple Inc. was hit with a putative class action when two stalking victims filed a putative class complaint in California federal court, bringing claims for invasion of privacy, unfair competition and negligence, among others, related to incidents of stalking that have used Apple’s AirTag, which they call “the weapon of choice of stalkers and abusers.”
-
December 07, 2022
Panel Remands TCPA Coverage Suit To Determine Yahoo’s Reasonable Expectations
SAN FRANCISCO — Following the California Supreme Court’s answer to a certified question, the Ninth Circuit U.S. Court of Appeals on Dec. 6 reversed and remanded a coverage dispute between Yahoo! Inc. and its commercial general liability insurer over claims brought under the Telephone Consumer Protection Act (TCPA) to determine Yahoo’s reasonable expectations as to coverage.
-
December 06, 2022
Judge Excludes Substance Abuse Treatment Records From Asbestos Discovery
NEW ORLEANS — A woman bringing an asbestos-related lung cancer claim must authorize the release of treatment records, a judge in Louisiana said in limiting the time frame of the subpoenas and excluding evidence related to substance abuse and psychiatric treatment.
-
December 05, 2022
Android App Data Gathering Suit Against Google Dismissed For 2nd Time
SAN FRANCISCO — Finding that two putative class plaintiffs “fail[ed] to cure the deficiencies” in their complaint that were outlined in a previous ruling, a California federal judge again granted dismissal of privacy and unfair competition claims based on Google LLC’s purported collection of user data without notice or permission via apps on the Android operating system (OS).
-
December 02, 2022
Judge Limits Access To Mesothelioma Victim’s Genetic Information
OAKLAND, Calif. — The privacy rights of a mesothelioma victim’s heirs mean that while experts may access pathology materials for use in the case, they must either obtain the heirs’ permission or approval from a governing body to use the discovery outside the litigation, a California judge said in granting a protective order Dec. 1.
-
December 01, 2022
Wisconsin Appeals Panel Reinstates Negligence Class Claim In Data Breach Suit
MILWAUKEE — A former employee of a health system that experienced a data breach in January 2020 may proceed with putative class claim for negligence, a Wisconsin appellate panel ruled, finding that dismissal of that claim was inappropriate as the worker sufficiently alleges actual damages.
-
November 30, 2022
Panel: T-Mobile’s $17.3M Data Breach Loss Exceeds Its Self-Insured Retention Duty
SEATTLE — A Washington appellate panel affirmed a ruling in favor of T-Mobile USA Inc. in a coverage dispute arising from a data privacy breach incurred by one of T-Mobile’s vendors, finding that T-Mobile’s $17.3 million loss from the breach exceeded its self-insured retention obligation under the policy.
-
November 29, 2022
7th Circuit: Sales Of Subscriber Lists Didn’t Violate Illinois Publicity Law
CHICAGO — A media conglomerate’s sale of lists containing personal information about subscribers doesn’t violate the Illinois Right of Publicity Act (IRPA) as the subscribers’ identities are used “to effectuate the sale of the mailing lists,” a Seventh Circuit U.S. Court of Appeals panel ruled, affirming a trial court’s dismissal of the putative class complaint by one subscriber.
-
November 28, 2022
United States Urges Certiorari Denial For Sovereignty Issue In Computer Fraud Case
WASHINGTON, D.C. — A question over whether a contractor can claim sovereign immunity as an agent of a foreign state does not merit a grant of certiorari, the federal government asserts in an amicus curiae brief filed at the U.S. Supreme Court’s request, citing a lack of support for such immunity in the Foreign Sovereign Immunities Act (FSIA) or from any foreign states.
-
November 28, 2022
Final Approval Given To $63 Million Settlement Of OPM Data Breach Class Action
WASHINGTON, D.C. — A seven-year-old consolidated class action over a data breach experienced by the U.S. Office of Personnel Management (OPM) was closed when a District of Columbia federal judge gave the final OK to a $63 million settlement.
-
November 23, 2022
Blackbaud Data Breach Suit Will Proceed For 7 Bellwether Claims
COLUMBIA, S.C. — Partly granting a motion by the plaintiffs in a consolidated lawsuit over a ransomware attack experienced by Blackbaud Inc., a South Carolina federal judge ruled that the class certification process will proceed for seven bellwether claims against the technology firm, while the dozens of other putative class claims will be stayed until the bellwether claims are resolved.
-
November 22, 2022
Facebook Data-Sharing Plaintiffs Defend $2 Million Discovery Sanctions Motion
SAN FRANCISCO — Invoking a California federal court’s “broad discretion to calculate fee awards,” the named plaintiffs in a consolidated suit alleging privacy violations over a 2015 data-sharing incident said they are entitled to sanctions of more than $2 million in costs and attorney fees due to bad faith delays and failures to comply with discovery orders by Meta Platforms Inc. (formerly Facebook Inc.).