Mealey's Data Privacy
-
October 17, 2023
Class Suit Accuses Medical Lab Of Disclosing Customers’ Data To Debt Collector
SACRAMENTO, Calif. — A California man filed a putative class complaint in a California court against a medical laboratory and a revenue services operator alleging that they unlawfully disclose customers’ sensitive medical data to debt collectors in violation of California’s Confidentiality of Medical Information Act (CMIA).
-
October 17, 2023
Credit Unions’ $28.5 Million Settlement Of Wawa Data Suit Preliminarily Approved
PHILADELPHIA — A year and a half after a Pennsylvania federal judge granted final approval to the consumer track in a consolidated class action over a 2019 data breach experienced by Wawa Inc., the judge granted a motion to preliminarily approve a proposed settlement between the convenience store chain and a track comprising financial institutions (FIs).
-
October 17, 2023
Tesla Owner, Minor Son Ordered To Arbitrate Claims Over Vehicle Video Access
SAN FRANCISCO — A Tesla Inc. customer and his minor son who filed a class complaint accusing the company of permitting employees to access, use and share video recordings and images of customers captured by vehicle cameras without customers’ consent must arbitrate their claims, a federal magistrate judge in California ruled, finding in part “that under the principles of equitable estoppel,” the son must abide by the agreement to which his father agreed.
-
October 17, 2023
Hershey’s Dismissal Motion Granted In Case Alleging Video Viewing Disclosures
SAN DIEGO — A chocolate manufacturer accused in a putative class complaint of disclosing user data of individuals who view a video on its website to a social media company has not been shown to be a videotape service provider, a federal judge in California ruled, granting the manufacturer’s motion to dismiss the single claim in the case brought under the Video Privacy Protection Act (VPPA) without leave to amend.
-
October 16, 2023
Government Wants More Time To Respond To X’s National Security Certiorari Petition
WASHINGTON, D.C. — Filing a motion on behalf of U.S. Attorney General Merrick B. Garland, the U.S. Department of Justice, the Federal Bureau of Investigation and its Director Christopher Wray on Oct. 13, U.S. Solicitor General Elizabeth B. Prelogar asked the U.S. Supreme Court for an extra month to respond to a petition for certiorari in which X. Corp. (formerly Twitter Inc.) questions the constitutionality of being barred from disclosing certain information about its compliance with national security letters (NSLs) served on it by the FBI.
-
October 12, 2023
$725 Million Settlement Of Facebook Profile-Sharing Class Action Gets Final OK
SAN FRANCISCO — Six months after preliminarily approving a $725 million settlement between Meta Platforms Inc. and the social media users whose Facebook profiles were shared with an analytics company, a California federal judge granted final approval to the agreement, deeming it “fair, reasonable, and adequate and in the best interests of the Settlement Class Members.”
-
October 11, 2023
Mortgage Servicer Accuses Payment Processor Of Misusing Customer Data
DALLAS — A mortgage payment processor misused a mortgage servicer’s customer data when it conducted quality assurance (QA) testing with customers’ nonpublic, personal information while in a live production environment rather than a walled-off testing environment, the mortgage servicer alleges in a complaint filed in a federal court in Texas.
-
October 04, 2023
AI Health Care Company’s ‘Patient Stories’ Handling Led To Data Breach, Suit Says
BOSTON — An artificial intelligence (AI) company specializing in health care “patient stories” failed to adequately secure the private health information it obtained, resulting in a data breach releasing patient medical records and other related information, a woman claims in a putative class action in Massachusetts federal court.
-
October 04, 2023
Consumer ‘Testers’ Voluntarily Dismiss VPPA Class Suit Against General Mills
LOS ANGELES — Two individuals who said they were genuine consumers of General Mills Inc.’s products and “testers” who “ensure that companies abide by” federal privacy laws when they filed a Video Protection Privacy Act (VPPA) class complaint against the consumer food company filed in a federal court in California a notice of voluntary dismissal.
-
September 28, 2023
Amazon Prime Users Did Not Establish Injury, Privacy Violation, Judge Rules
SEATTLE — Two Amazon Prime Video customers did not establish a concrete injury from the retaining of their personally identifiable information (PII) by Amazon.com Services LLC, a Washington federal judge ruled, granting the online retailer’s motion to dismiss putative class claims brought against it under video rental laws of New York and Minnesota.
-
September 28, 2023
Proposed Settlement Of Ring Privacy Lawsuit Provides Only Injunctive Relief
LOS ANGELES — The five remaining named plaintiffs in a putative privacy class action against Ring LLC filed a motion in California federal court seeking preliminary approval of an injunctive-relief-only settlement of contractual, negligence and unfair competition claims related to incidents of eavesdropping and data sharing in connection with Ring’s security camera products.
-
September 27, 2023
Final OK Of $23 Million Settlement Sought In Lengthy Google Referrer Header Row
SAN JOSE, Calif. — A privacy suit over the purported sharing of users’ search query terms by Google LLC, which dates back more than a decade, moved closer to settlement as the named plaintiffs moved in California federal court for final approval of a $23 million settlement that provides for direct payments to class members and injunctive relief requiring disclosures by Google.
-
September 26, 2023
Meta Supports Final Approval Of $37.5M Facebook Location Tracking Class Settlement
SAN FRANCISCO — Two weeks after a motion for final settlement approval was filed by the lead plaintiffs in a class action over its alleged location tracking of Facebook users, Meta Platforms Inc. on Sept. 25 filed a statement in California federal court voicing its support for approval of the $37.5 million settlement of the five-year old case.
-
September 26, 2023
With Pending Settlement In Clearview Biometrics MDL, Discovery Motions Denied
CHICAGO — In the wake of a tentative settlement announcement by the parties in a multidistrict litigation alleging violations of the Illinois Biometric Information Privacy Act (BIPA) by artificial intelligence firm Clearview AI Inc., the magistrate judge overseeing discovery denied as moot motions for sanctions and a protective order and returned the case to the assigned presiding judge in Illinois federal court.
-
September 22, 2023
Covington’s SEC Disclosure Order Stayed Pending Client’s D.C. Circuit Appeal
WASHINGTON, D.C. — One day before the deadline for Covington & Burling LLP to turn over the names of certain clients sought by the Securities and Exchange Commission in conjunction with a cyberattack investigation, a District of Columbia federal judge on Sept. 21 granted a motion by one of those clients, proceeding anonymously, to partially stay the order pending the intervenor client’s appeal of the disclosure order.
-
September 21, 2023
Taco Bell Worker Settles Biometric Data Case After Arbitration Order
EAST ST. LOUIS, Ill. — A Taco Bell employee who alleged in a putative class complaint that workers’ biometric data is collected, used and stored in violation of state law dismissed the case with prejudice on Sept. 20 in a federal court in Illinois after filing a notice of settlement.
-
September 20, 2023
Plaintiffs Dismiss Suit Challenging AI Chatbot Privacy Practices
SAN FRANCISCO — After warning that the release of artificial intelligence was done with “disregard for the potentially catastrophic risk to humanity,” 16 anonymous plaintiffs voluntarily dismissed their complaint claiming that Microsoft Corp. and others violated federal privacy laws and state consumer protection laws, including California’s unfair competition law (UCL).
-
September 19, 2023
Covington, SEC Stipulate To Confidential Release Of 6 Clients’ Names
WASHINGTON, D.C. — A District of Columbia federal judge on Sept. 19 approved and signed a stipulation between Covington & Burling LLP and the Securities and Exchange Commission under which the law firm agrees to produce, under a protective order, the names of six of seven clients the judge had ordered it to provide to the commission in a July order, which both parties agree that they will not appeal.
-
September 19, 2023
Insurers Cross-Appeal In Coverage Dispute With Home Depot Over 2014 Data Breach
CINCINNATI — Insurers filed cross-appeal notices in an Ohio federal court two weeks and one day after their mutual insured, Home Depot, appealed to the Sixth Circuit U.S. Court of Appeals the lower court’s finding that an insurance policy’s electronic data exclusion bars coverage for the retailer’s losses stemming from a 2014 data breach (The Home Depot, Inc., et al. v. Steadfast Insurance Co., et al., No. 21-00242, S.D. Ohio, Western Div.).
-
September 13, 2023
VPPA Class Claims Over General Mills’ Alleged Info Sharing Dismissed A 2nd Time
LOS ANGELES — A federal judge in California granted for the second time a motion by General Mills Inc. to dismiss putative class claims under the Video Protection Privacy Act (VPPA) by two individuals who allege that the personal data of users of Bettycrocker.com were shared with a third party; the plaintiffs claimed that they are both genuine consumers of General Mills’ products as well as “testers” who “ensure that companies abide by” federal privacy laws.
-
September 13, 2023
Amazon Invokes Apex Doctrine To Avoid Deposition Of VP In Alexa Privacy Suit
SEATTLE — In a reply brief supporting its motion for a protective order, Amazon.com Inc. tells a Washington federal court that one of its senior vice presidents, who has been targeted for deposition by the plaintiffs in a putative privacy class action over alleged eavesdropping by the Alexa digital assistant, qualifies as an apex executive in the company and, as such, is exempted from being deposed under the apex doctrine.
-
September 12, 2023
Class Claims OpenAI Violated UCL, Privacy Law In Training ChatGPT
SAN FRANCISCO — Plaintiffs in a putative class action say artificial intelligence ChatGPT trained on private and personally identifiable information from hundreds of individuals of all ages in violation of federal and state privacy laws and the California unfair competition law (UCL).
-
September 11, 2023
Some Google Assistant Class Members Agreed To Arbitrate Privacy Suit, Google Says
SAN JOSE, Calif. — In a reply brief supporting its motion to compel arbitration with certain class members in a suit over its Google Assistant (GA) feature, Google LLC disputes that it waived its right to seek arbitration, citing a conclusion to that end by the California federal court where three such suits were consolidated.
-
September 08, 2023
Federal Judge Dismisses TCPA Coverage Suit After Yahoo, Insurer Reach Settlement
SAN JOSE, Calif. — One day after Yahoo! Inc. and its commercial general liability insurer filed a notice of settlement, a federal judge in California dismissed with prejudice Yahoo’s lawsuit seeking coverage for underlying class actions alleging that it violated the Telephone Consumer Protection Act (TCPA).
-
September 08, 2023
Home Depot Seeks 6th Circuit Review Of No Coverage Ruling For 2014 Data Breach Losses
CINCINNATI — Home Depot filed a notice of appeal in an Ohio federal court asking the Sixth Circuit U.S. Court of Appeals to review the lower court’s finding that an insurance policy’s electronic data exclusion bars coverage for the retailer’s losses stemming from a 2014 data breach, challenging the lower court’s grant of the insurers’ motions for summary judgment in its breach of contract and bad faith lawsuit seeking damages up to the full collective policy limits of $50 million.