Mealey's Data Privacy
-
October 07, 2024
Petition Challenging Constitutionality Of Texas Drone Law Denied By High Court
WASHINGTON, D.C. — The U.S. Supreme Court on Oct. 7 denied a petition for writ of certiorari of a journalist and a photographer association claiming that a Texas law that curbs the use of drones for aerial photography violates the First Amendment to the U.S. Constitution.
-
October 07, 2024
Negligence Claims Against Indiana University To Proceed In Data Breach Incident
FORT WAYNE, Ind. — A federal judge in Indiana determined that claims of negligence and breach of contract alleged against a private university in a data breach suit can proceed because the plaintiffs seek damages for more than just economic losses and because dismissal of the breach of contract claim would be premature.
-
October 03, 2024
Vermont Health Provider Pays $540,000 To Settle Data Breach Class Claims
BURLINGTON, Vt. — A federal judge in Vermont granted final approval of a $540,000 settlement to be paid by an integrated health provider in that state, ending a class suit by a patient over a 2022 data breach that allegedly exposed the personal information of more than 60,000 people.
-
October 02, 2024
Judge Partly Dismisses Hunter Biden’s Suit Against IRS, Won’t Let Agents Intervene
WASHINGTON, D.C. — A District of Columbia federal judge partly granted the United States and U.S. Internal Revenue Service’s motion to dismiss claims brought against them by Hunter Biden for failure to protect the privacy of his tax returns, but declined to dismiss Biden’s claim for damages and denied a motion to intervene filed by two IRS agents who were involved in the disclosure of Biden’s tax information.
-
October 01, 2024
Judge Dismisses Suit Disputing Coverage For BIPA Claims Over AI Food Phone Orders
CHICAGO — Following receipt of a businessowners insurer’s notice of voluntary dismissal, a federal judge in Illinois dismissed the insurer’s lawsuit seeking a declaratory judgment that it owes no coverage for two underlying putative class action lawsuits alleging that its insured and two franchise restaurants violated the Illinois Biometric Information Privacy Act (BIPA) when they used the insured’s voice artificial intelligence technology to handle phone orders from customers.
-
September 27, 2024
Plaintiff Consents To Hacked Facebook Accounts Suit Being Heard By Magistrate
SAN FRANCISCO — A plaintiff bringing a putative class action against Meta Platforms Inc. in California federal court for breach of contract and violation of California’s unfair competition law (UCL) due to it allegedly allowing “hackers to abscond with hundreds of thousands of Facebook accounts” while barring hacked users from regaining access to their accounts consented to magistrate jurisdiction over the suit on Sept. 26.
-
September 26, 2024
In Camera Review Showed Amazon Used Privilege Designation Too Broadly
SEATTLE — Saying that almost 80% of the documents produced for in camera review “were improperly designated or over-designated as” subject to attorney-client privilege, a Washington federal judge ordered Amazon.com Inc. to make a variety of productions to plaintiffs who sued it over the unauthorized recording and retention of private conversations.
-
September 25, 2024
Plaintiffs, Google Update Status Of Suit Over $5.5M Cookie Privacy Suit Settlement
WILMINGTON, Del. — Following the lifting of a stay in a lawsuit where the plaintiffs sued Google LLC for purported privacy violations, the parties filed a joint status report in a Delaware federal court saying the 12-year-old case is “essentially at the same procedural posture as in 2015” after the court denied final approval of a $5.5 million settlement. The plaintiffs noted that they have prepared discovery to address class issues and proceed to class certification, asserting that if they are able to demonstrate that the putative class is ascertainable, then the settlement should be granted final approval.
-
September 25, 2024
Investors, Facebook Agree On Risk Question, Disagree On What High Court Should Do
WASHINGTON, D.C. — Meta Platforms Inc., formerly Facebook Inc., investors tell the U.S. Supreme Court in a Sept. 24 respondent brief that they agree with Facebook as to the answer to the limited question before the justices regarding disclosure of immaterial past risks but argue that the Ninth Circuit U.S. Court of Appeals’ ruling should be upheld as it was correct when it opined that Facebook issued misleading statements about the risk of potential misuse of user data because the company was aware that it had already occurred.
-
September 25, 2024
Most Claims Survive Dismissal In Forta Data Breach MDL Case
MIAMI — Ruling that the plaintiffs in a consolidated putative class action arising from a 2023 data security breach adequately allege standing, a Florida federal judge granted dismissal for failure to state a claim only as to all or part of 11 of the 27 claims; he said he would allow repleading on four of the claims, but the plaintiffs opted to forgo repleading.
-
September 25, 2024
Judge Dismisses ‘Magic Avatars’ AI Biometric Data Case After Period To Amend Ends
CHICAGO — A federal judge in Illinois dismissed an action in which a man claimed that his photographs and other biometric information are included in datasets used to train a third-party artificial intelligence that powers an image rendering application after the man failed to file an amended complaint in the wake of dismissal of his action.
-
September 24, 2024
Google Partially Granted Summary Judgment In Ovulation Tracking App Suit
SAN FRANCISCO — Female consumers who used the Flo Period & Ovulation Tracker app and are now suing the app creator and third parties for privacy and contract violations as well as unfair competition law (UCL) claims under California law abandoned their defense of their UCL claims against Google LLC and failed to show that Google has actual knowledge of the alleged practices, a federal judge in California ruled Sept. 23, partially granting Google’s motion for summary judgment.
-
September 24, 2024
Data Breach Class Suit Against Casino Operator May Proceed, Judge Rules
LAS VEGAS — A Nevada federal judge granted in part and denied in part a casino operator’s motion to dismiss putative class action claims against it for negligence, violation of California’s unfair competition law (UCL) and other statutes on behalf of a nationwide class and a California subclass in relation to a 2022 breach of its servers that led to the leak of more than 200,000 people’s personal identifying information (PII).
-
September 19, 2024
5th Circuit Dismisses Government’s Appeal In Health Information Privacy Row
NEW ORLEANS — The Fifth Circuit U.S. Court of Appeals dismissed the government’s appeal of a Texas federal judge’s ruling that two hospitals and two hospital associations were correct that a standard established in two recent U.S. Department of Health and Human Services (HHS) subagency bulletins for determining when online tracking technology has unlawfully gathered internet users’ individually identifiable health information (IIHI) exceeded HHS’s authority, after the government moved to voluntarily dismiss its appeal.
-
September 19, 2024
Judge Approves $6.5M Settlement For Breach Of Prisoners’ Health Data
LEXINGTON, Ky. — A Kentucky federal judge on Sept. 17 granted final approval of a nearly $6.5 million class action settlement including $2.1 million in attorney fees against a claims administrator for correctional facilities for a 2022 data breach that led to the personal health data of nearly 600,000 people being posted online.
-
September 19, 2024
Preliminary Approval Of Settlement Granted In Payroll Processor Data Breach Suit
LOS ANGELES — A California state court judge granted preliminary approval of a settlement in a putative class action suit against an entertainment industry payroll processor whose alleged failure to implement cybersecurity measures to protect the plaintiffs’ personally identifiable information (PII) resulted in a data breach impacting more than 450,000 individuals, staying litigation in the case pending final approval of the settlement.
-
September 19, 2024
Sending Google Settlement Funds To Only Cy Pres Groups ‘Legal Error,’ Objectors Say
SAN FRANCISCO — Approval of a plan to distribute most of a $62 million settlement in a consolidated class action over Google Inc.’s collection of users’ location data to cy pres organizations while class members receive nothing runs afoul of a revised rule of federal procedure, warranting reversal and remand, three settlement objectors tell the Ninth Circuit U.S. Court of Appeals in their opening brief.
-
September 19, 2024
Failure To Allege NFL Prerecorded Videos Were Viewed Deemed ‘Fatal’ To VPPA Claim
NEW YORK — A federal judge in New York dismissed a putative class complaint accusing the National Football League of violating the Video Privacy Protection Act (VPPA) by sharing personal data about users of the NFL’s website, mobile application and video service with a third party, opining that the lead plaintiff’s failure to allege that prerecorded videos were viewed was “fatal” to the complaint.
-
September 19, 2024
Planned Parenthood’s $6M Data Breach Class Settlement Given Final OK
LOS ANGELES — A $6 million settlement by Planned Parenthood Los Angeles (PPLA) to end a consolidated class complaint accusing the reproductive health care provider of failing to protect patients’ personally identifiable information and protected health information from being accessed and stolen was granted final approval by a California judge, following the submission of additional documentation.
-
September 18, 2024
Class Action Alleges Insurance Provider Negligently Failed To Prevent Data Breach
NEW YORK —A class action complaint was filed in a New York federal court against a financial organization that offers insurance, retirement and investment services primarily to teachers, alleging that the defendant failed to prevent a May 2023 data breach that resulted in the theft of the personally identifiable information (PII) of its current and former clients.
-
September 17, 2024
New Mexico Officials Appeal Ruling That Voter Data Was Wrongfully Withheld
ALBUQUERQUE, N.M. — New Mexico’s attorney general and secretary of state filed a notice of appeal to the 10th Circuit U.S. Court of Appeals following a New Mexico federal judge’s ruling that the state violated the rights of a nonprofit voter participation organization under the First Amendment to the U.S. Constitution by withholding publicly available state voter data from the nonprofit organization.
-
September 17, 2024
Some 23andMe Users Seek Arbitration, Not Class Action, For Data Breach Claims
SAN FRANCISCO — In a brief filed in California federal court, several users of 23andMe Inc.’s website defend their right to pursue arbitration against the company for the theft of their genetic information by hackers, arguing that their decision to arbitrate defeats any typicality of claims between them and class members in a multidistrict litigation (MDL) over the theft and makes preliminary approval of a settlement of the MDL inappropriate.
-
September 17, 2024
Pa. Health Provider’s $65M Data Breach Settlement Granted Preliminary Approval
SCRANTON, Pa. — A Pennsylvania judge granted preliminary approval of a $65 million settlement to be paid by Lehigh Valley Health Network Inc. (LVHN) to end a class complaint alleging that a February 2023 data breach resulted in the disclosure of personal information and medical records, including nude photographs.
-
September 13, 2024
Judge Grants Injunction In 1st Amendment Row Over Utah Social Media Moderation Law
SALT LAKE CITY — In a decision addressing two cases challenging Utah state legislation to moderate social media content for minors, a Utah federal judge in the first case granted a preliminary injunction to an internet trade association company seeking to prevent enforcement of the legislation, finding that the trade association is likely to succeed on the merits of its claim that the law violates the First and 14th amendments to the U.S. Constitution.
-
September 13, 2024
Utah Judge Rules For Insurer In Coverage Dispute Over Ill. BIPA Violation Claims
SALT LAKE CITY — A Utah judge entered judgment in favor of a general liability insurer in its declaratory judgment lawsuit disputing coverage for an underlying action alleging its insured violated the Illinois Biometric Information Privacy Act (BIPA), finding that various policy exclusions bar coverage.