Mealey's Data Privacy
-
August 12, 2024
Facebook To High Court: Risk Disclosure Statements Weren’t Misleading
WASHINGTON, D.C. — The social media giant formerly known as Facebook Inc. told the U.S. Supreme Court in an Aug. 9 brief that the Ninth Circuit U.S. Court of Appeals erred when it held that the company issued misleading statements about the risk of potential misuse of user data because the company was aware that it had already occurred; Facebook argues that it disclosed all information required under federal securities laws.
-
August 09, 2024
Judge: Retailer Doesn’t Show Software Company’s Negligence For Data Breach
NEWARK, N.J. — A federal judge in New Jersey said an online retailer’s breach of contract claims against an e-commerce software company stemming from a data breach survive the software company’s motion to dismiss, but the judge said the retailer failed to substantiate its negligence claims because it did not show it was owed a duty of reasonable care beyond what was included in the contract.
-
August 09, 2024
Judge: Biometric Data Claims Lacking In Illinois Suit Over AI Image Creation App
CHICAGO — A man’s mere belief that his photographs and other biometric information are included in datasets used to train a third-party artificial intelligence that powers an imaging rendering application does not state a claim, and the court lacks personal jurisdiction, a federal judge in Illinois said in dismissing the case.
-
August 09, 2024
TikTok Data Collection Claims Will Move Forward In California Federal Court
LOS ANGELES — A man who accessed an educational website that allegedly collected his personal information through software created by TikTok properly stated his data privacy claims against the website’s owner under California law, a California federal judge found in denying the owner’s motion to dismiss.
-
August 09, 2024
California Appeals Court: Minor Established Privacy Claims In Data Breach Suit
VENTURA, Calif. — A California appeals panel reversed a lower court’s decision to sustain a demurrer without leave to amend a putative class complaint brought by an 11-year-old who said an educational consulting company did not do enough to prevent his medical information from being accessed in a data breach, with the panel holding that the company is subject to two state data privacy acts.
-
August 07, 2024
$9.39M White Castle Finger Scan Class Settlement Granted Final Approval
CHICAGO — A federal judge in Illinois granted final approval to a $9,394,440 settlement to be paid by White Castle System Inc. to end a class complaint by an employee who alleged that the fast food company’s finger scan policy violated the Illinois’ Biometric Information Privacy Act (BIPA).
-
August 07, 2024
Memo On Student-Workers’ Rights Under NLRA, Privacy Rights Issued By NLRB
WASHINGTON, D.C. — The National Labor Relations Board general counsel issued a memo on Aug. 6 clarifying the obligations of colleges and universities under the National Labor Relations Act (NLRA) and the Family Educational Rights and Privacy Act of 1974 (FERPA) regarding the disclosure of student-worker information to labor unions and students’ privacy rights.
-
August 06, 2024
Officials: High Court Case Claiming Texas Drone Law Is Unconstitutional Fails
WASHINGTON, D.C. — Officials in a Texas municipality have filed an opposition brief in the U.S. Supreme Court arguing that a petition for certiorari filed by a journalist and a photographer association, claiming that a Texas law that curbs the use of drones for aerial photography violates the First Amendment to the U.S. Constitution, should be denied because a lower court’s judgment, “although its reasoning is imperfect,” does not merit the Supreme Court’s attention.
-
August 05, 2024
DOJ Complaint Accuses ByteDance, TikTok Of Violating Children’s Privacy Laws
LOS ANGELES — The United States filed a complaint Aug. 2 in a federal court in California accusing TikTok Inc., ByteDance Ltd. and their affiliates of violating the Children’s Online Privacy Protection Act (COPPA) and its implementing regulations as well as a 2019 court order by knowingly permitting children to create regular rather than “Kids Mode” TikTok accounts and to create, view and share videos and messages with adults.
-
August 05, 2024
Former Employees Say Philadelphia Inquirer Liable For Breach Of Records
PHILADELPHIA — In a consolidated putative class complaint filed in a Pennsylvania federal court, three employees or former employees of the Philadelphia Inquirer LLC bring claims against the newspaper, saying it is liable for damages caused by a data breach the newspaper did not disclose to subscribers and employees for nearly a year.
-
August 02, 2024
Data Breach Class Suits Against Health Care Provider, IT Vendor Consolidated
SCRANTON, Pa. — A federal judge in Pennsylvania has consolidated nine putative class actions against Geisinger Health and its third-party information technology services vendor stemming from the Nov. 29 discovery that a former employee of the vendor had accessed and acquired the personally identifiable information (PII) and personal health information (PHI) of individuals who received health care from the provider.
-
August 01, 2024
Ohio Panel Affirms Discovery Ruling For Estate Administrator In Wrongful Death Case
CLEVELAND — Finding that the operators of a group residential facility for children failed to establish that information and documents sought by the administrator of the estate of a boy who died while under their care falls under the Health Insurance Portability and Accountability Act (HIPAA) or “is subject to any privilege such that they would be protected from discovery,” an Ohio appellate court affirmed a lower court’s ruling granting the administrator’s motion to compel.
-
July 31, 2024
Judge Nixes Claim That Facial Recognition In Samsung App Violates Data Privacy Law
CHICAGO — A federal judge in Illinois has granted a motion to dismiss a class action lawsuit against Samsung Electronics America Inc. brought by individuals who allege that facial recognition technology in Samsung’s Gallery photo application violates the Illinois Biometric Information Privacy Act (BIPA), ruling that the allegations are “insufficient” to show that the data constitute a biometric identifier or biometric information.
-
July 31, 2024
8th Circuit Reverses Attorney Fees Awarded In T-Mobile Data Breach Settlement
ST. LOUIS — A trial court abused its discretion in striking one of two objections to the $78.75 million attorney fees portion of a $350 million data breach class settlement between customers and T-Mobile US Inc., an Eighth Circuit U.S. Court of Appeals panel ruled, opining that the fees awarded were “unreasonable.”
-
July 30, 2024
Meta Will Pay $1.4 Billion To Settle Texas’ Biometric Data Privacy Lawsuit
MARSHALL, Texas — Meta Platforms Inc., formerly known as Facebook Inc., will pay $1.4 billion to end claims by Texas that it captured and used the personal biometric data of millions of state residents, according to an agreed final judgment filed in a Texas court on July 30.
-
July 29, 2024
Health Care Providers Sue, Allege Health Care Industry ‘Immobilized’ By Data Breach
MINNEAPOLIS — Health care providers in 21 states filed a class complaint in a federal court in Minnesota against a health insurer subsidiary that they say touches “one-in-three U.S. patient records” after a data breach allegedly carried out by hackers known as “ALPHV/Blackcat” accessed an unprotected network using an employee’s credentials and “wreaked havoc on the healthcare industry.”
-
July 25, 2024
California Woman Says Retailer Used AI Company To Illegally Analyze Calls
VENTURA, Calif. — A clothing retailer uses a third-party artificial intelligence company to intercept and analyze customer calls in violation of California law, a woman alleges in a class action filed in California state court.
-
July 24, 2024
Converse Granted Summary Judgment In Class Suit Over Privacy Of Chat Feature
LOS ANGELES — A Converse Inc. website user who sued the footwear and clothing company alleging that its website’s chat features recorded users’ messages without consent failed to establish any violation of California’s Invasion of Privacy Act (CIPA), including allegations that Converse aided and abetted third-party vendor Salesforce Inc., a federal judge in California ruled granting the retailer’s motion for summary judgment.
-
July 24, 2024
Judge Dismisses Putative Class Suit Against Google For Health Care Data Collection
SAN FRANCISCO — A California federal judge dismissed a consolidated class action complaint in which 12 anonymous plaintiffs accused Google LLC of violating of federal privacy statutes and California’s unfair competition law (UCL) by providing source code for “pixel tracking” of their private health care data, writing that the plaintiffs’ “vague” claims do not establish that Google intended to collect or did in fact receive their data.
-
July 24, 2024
Federal Judge: Email Recipient Who Sued Over ‘Spy Pixels’ Showed No Concrete Injury
PHILADELPHIA — An Arizona woman who filed a class complaint against Urban Outfitters Inc. (UO) over alleged embedded trackers in the company’s email that record, without consent, if and when marketing emails are opened failed to allege any concrete harm, a Pennsylvania federal judge ruled, dismissing the woman’s complaint for lack of standing.
-
July 24, 2024
In Data Breach Dispute, Plaintiff Raised Defense Of Judicial Estoppel Too Late
BOSTON — Claims arising from an alleged health data breach brought against a cybersecurity company should not be resolved under the doctrine of judicial estoppel because the company delayed in invoking the doctrine as an affirmative defense to such a degree that it prejudiced the plaintiff, a Massachusetts federal judge found in denying the cybersecurity company’s motion for judgment on the pleadings.
-
July 24, 2024
Federal Judge Dismisses Deceptive Trade Practices Claim In Data Breach Class Suit
NEW YORK — Union members who in a putative class complaint accuse their union of not keeping their personal information secure failed to sufficiently allege a claim under New York’s Deceptive Trade Practices Act (DTPA) as they did not allege that they “ever saw or relied upon the website’s privacy policy” and their “counsel conceded during oral argument that plaintiffs had not viewed it,” a federal judge in New York ruled, granting in part a motion to dismiss filed by UNITE HERE.
-
July 23, 2024
Florida Federal Judge Remands Data Breach Class Action For No Diversity
TAMPA, Fla. — A federal judge in Florida has remanded a class action against a Tampa hospital filed in the wake of a data breach, citing the absence of “minimal diversity” and calling the hospital’s argument for removal under the Class Action Fairness Act (CAFA) “wrong three times over.”
-
July 23, 2024
Plaintiffs Seek Preliminary Approval Of $115M Class Settlement With Oracle
SAN FRANCISCO — Plaintiffs have moved in California federal court seeking preliminary approval of a $115 million class settlement in a dispute with Oracle America Inc. over allegations that the company’s business practices “amount to a deliberate and purposeful surveillance of the general population via their digital and online existence.”
-
July 23, 2024
Getty Images Says Stability Stole For AI At ‘Staggering Scale’
WILMINGTON, Del. — In an amended complaint in a Delaware federal court, one of the world’s largest digital content distributors accuses artificial intelligence company Stability AI Ltd. of “brazen infringement” at a “staggering scale” through the copying of more than 12 million photographs from the company’s collection.