Mealey's Data Privacy
-
January 15, 2025
Final Approval Given To $2 Million Insurance-Funded Settlement Of Data Breach Suit
PORTLAND, Ore. — Five months after preliminarily approving a $2 million settlement of a class action over a marketing execution firm’s 2022 data breach, an Oregon federal judge granted final approval, deeming the approval “fair, reasonable, and adequate” and in accord with the requirements of Federal Rule of Civil Procedure 23.
-
January 14, 2025
Exclusion Bars Coverage For Home Depot’s Data Breach Loss, 6th Circuit Majority Affirms
CINCINNATI — A majority of the Sixth Circuit U.S. Court of Appeals on Jan. 13 affirmed an Ohio federal court’s finding that a commercial general liability insurance policy’s electronic data exclusion bars coverage for Home Depot’s losses stemming from a 2014 data breach, rejecting Home Depot’s contention that the lower court “wrongly expanded the narrow electronic-data exclusion beyond its natural meaning, based on assumed facts outside the record.”
-
January 14, 2025
AI Voice Cloning Company, Voice Actors Brief Motion To Dismiss
NEW YORK — Responding to an artificial intelligence company’s contention that voice actors’ claims were time-barred and suffered from other defects, two named class action plaintiffs told a federal judge in New York that they own the rights to their voices and that the ongoing use of cloned voices sold under different names places the case within the applicable time frame.
-
January 10, 2025
Magistrate Won’t Sanction Google For Destroying Files It Had No Clear Duty To Keep
OAKLAND, Calif. — Finding that the plaintiffs in a consolidated lawsuit over Google Inc.’s purported data sharing via its real-time bidding (RTB) process failed to establish that the internet giant had a duty to preserve and produce particular files in an unencrypted format, a California federal magistrate judge denied the plaintiffs’ motion for contempt and sanctions against Google.
-
January 10, 2025
Privacy Suit Over Zillow’s Disclosure Of Watched Videos May Proceed
SAN DIEGO — Rejecting Zillow Group Inc.’s contention that it is not “a video tape service provider,” a California federal judge found that the online real estate platform operator engaged in activities that qualify it as such under the Video Privacy Protection Act (VPPA), leading her to deny the defendant’s motion to dismiss a putative privacy class complaint against it for purportedly sharing the video-viewing history of users of its app and website.
-
January 10, 2025
Negligence Suit Over Theft Of Genetic Data Settles For $8.9 Million
ATLANTA — Finding a settlement fund of $8.9 million to be “fair, reasonable, and adequate” to resolve class claims brought against two cancer treatment health care companies that were affected by a 2021 ransomware attack, a Georgia federal judge granted final approval to an agreement that allows for payments of up to $1,000 or $5,000 and releases all claims against the defendants.
-
January 09, 2025
Hospice Provider Can’t Dodge Wiretapping, Privacy Lawsuit
SACRAMENTO, Calif. — A customer of an end-of-life care provider sufficiently alleges that the company’s use of artificial intelligence (AI) software to record clients’ telephone conversations without their consent violated the California Invasion of Privacy Act (CIPA), a California federal judge found Jan. 8, denying the defendant’s motion to dismiss.
-
January 08, 2025
Greek Restaurant’s Claims Over Identity, Funds Theft Partly Dismissed
RICHLAND, Wash. — In a pair of rulings, a Washington federal judge partly granted motions to dismiss by a payroll company and a mailing services firm that the owners of a Greek restaurant blame for a cybersecurity incident that they say resulted in the theft of the restaurant owner’s personally identifiable information (PII) and, ultimately, the theft of hundreds of thousands of dollars.
-
January 06, 2025
Meta, Users Oppose Objector’s Certiorari Bid Over Service Awards, Attorney Fees
WASHINGTON, D.C. — A class member who initially objected to the $90 million settlement of a privacy class action over the use of tracking cookies by Meta Platforms Inc. (formerly Facebook Inc.) did not present any questions meriting attention by the U.S. Supreme Court in his petition for certiorari protesting service awards and attorney fees that were approved as part of the settlement, Meta and the lead plaintiffs argue in briefs opposing certiorari.
-
January 03, 2025
9th Circuit Partly Reverses Dismissal Of Muslims’ Suit Over FBI Surveillance
SAN FRANCISCO — Nearly three years after the U.S. Supreme Court remanded a surveillance suit brought by a group of California Muslims against the Federal Bureau of Investigation, and 18 months after it heard oral argument in the matter, a Ninth Circuit U.S. Court of Appeals panel affirmed dismissal of constitutional claims against individual FBI agents while finding that a trial court erred in dismissing religious discrimination claims under the state secrets privilege without conducting the necessary inquiry.
-
January 03, 2025
Trimmed Class Certification Motion In Blackbaud Data Breach MDL Rejected
COLUMBIA, S.C. — Seven months after a South Carolina federal judge declined to certify several subclasses in a privacy multidistrict litigation against a data maintenance firm, he denied the lead plaintiffs’ motion for leave to file a renewed certification motion, finding that they had “not offered sufficient grounds for reopening class certification and further postponing resolution of [the] matter.”
-
January 02, 2025
Siri Users Seek Initial Approval Of $95 Million Eavesdropping Claims
OAKLAND, Calif. — A proposed $95 million settlement with Apple Inc. over the purported unauthorized recording of private conversations of Apple device users by its digital assistant Siri represents “the product of more than five years of litigation and months of negotiations” and merits preliminary approval, a group of plaintiffs tells a California federal judge in a Dec. 31 motion, in which they call the agreement “fair, reasonable, and adequate.”
-
December 20, 2024
After Partial Dismissal, Garda Data Breach Suit Settled, Stayed, Closed
WEST PALM BEACH, Fla. — On the heels of a ruling in which she partly granted a security firm’s motion to dismiss privacy and negligence claims over a data breach that exposed employees’ personally identifiable information (PII), a Florida federal judge granted the plaintiffs’ motion to stay the suit in light of a postruling announcement that the parties reached a conditional settlement of the putative class action.
-
December 19, 2024
$1.25 Million Settlement Approved In Onix Group Data Breach Class Action
PHILADELPHIA — A Pennsylvania federal judge presiding over a consolidated class action for negligence and consumer protection violations related to a 2023 data breach experienced by a Pennsylvania firm granted final approval to a $1.25 million settlement of the suit, overruling two objections and mostly granting requested attorney fees and service awards.
-
December 18, 2024
2 Objectors To Oracle Data Collection Suit Settlement Appeal To 9th Circuit
SAN FRANCISCO — One month after a California federal judge granted final approval to a $115 million settlement of a privacy and wiretap class action against Oracle America Inc., two class members who had lodged objections to the settlement filed notices that they were appealing the trial court’s approval ruling to the Ninth Circuit U.S. Court of Appeals.
-
December 18, 2024
9th Circuit Denies Saudi Dissident Rehearing Over Hacked Twitter Account
SAN FRANCISCO — A divided Ninth Circuit U.S. Court of Appeals panel’s decision to uphold the dismissal of negligence claims against Twitter Inc. will stand, per the panel’s denial of a petition for rehearing en banc by a political dissident from the Kingdom of Saudi Arabia (KSA) who blamed the social network company for allowing KSA moles to access his account for the purpose of obtaining personal information to be used against him.
-
December 17, 2024
Dismissal Motions Mostly Denied In MOVEit Data Breach MDL
BOSTON — In a pair of rulings, a Massachusetts federal judge declined to dismiss six of the consolidated lawsuits filed over the theft of medical data that occurred due to vulnerabilities in a file-transfer software program, finding that the home-state exception to the Class Action Fairness Act (CAFA) did not apply and concluding that plaintiffs in all but four of the hundreds of cases in the multidistrict litigation had sufficiently established standing under Article III of the U.S. Constitution.
-
December 16, 2024
Patients, Employees Settle Data Breach Suit Against Dental Chain For $2.7 Million
DETROIT — A Michigan federal judge granted final approval to a $2.7 million agreement that settles negligence and implied contract claims brought by the employees and patients of a multistate dental chain related to a February 2023 data breach that exposed the personally identifiable information (PII) of almost 2 million people.
-
December 13, 2024
Privacy Claims Over Web Marketer’s Online Tracking Dismissed By Federal Judge
PHILADELPHIA — Privacy and wiretap putative class claims alleged against an online marketer and two of its clients were dismissed by a Pennsylvania federal judge, who found that the two plaintiffs did not plead the necessary damages because the purported tracking of their web browsing did not constitute interception of communications.
-
December 11, 2024
FTC Announces Refunds Under Epic Games $245M Settlement For Fortnite Purchases
WASHINGTON, D.C. — The Federal Trade Commission (FTC) announced that it is sending the first round of refunds that will total more than $72 million as part of Epic Games Inc.’s agreement to pay $245 million to resolve allegations that users were tricked into purchasing items while playing the popular online game Fortnite and that children playing the game were allowed to purchase items without parental consent.
-
December 11, 2024
Health Data Clearinghouse Fined $250,000 By HHS For Exposure Of Patients’ Info
WASHINGTON, D.C. — The U.S. Department of Health and Human Services (HHS) on Dec. 10 announced that it had resolved “longstanding” failures by a health data clearinghouse to comply with the security rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
-
December 11, 2024
Employee Seeks Reconsideration Of Ruling On Retroactivity Of BIPA Limits Act
CHICAGO — A worker moved for reconsideration of a federal judge’s ruling that an August amendment to Illinois’ Biometric Information Privacy Act (BIPA) that places limits on an individual’s recovery for certain data release violations applies retroactively, citing a Nov. 22 ruling he says reached the opposite conclusion.
-
December 11, 2024
Credit Unions Ask Court To Deny Wawa Discovery, Approve Data Breach Suit Agreement
PHILADELPHIA — A group of financial institutions (FIs) suing Wawa Inc. over its 2019 data breach filed a motion asking a Pennsylvania federal court to deny the defendant’s motion to compel certain communications related to the claims filing process for class members and to grant final approval to a three-tiered settlement agreement that received preliminary approval more than a year ago.
-
December 10, 2024
Saudi Dissident Seeks En Banc 9th Circuit Rehearing Of Twitter Negligence Suit
SAN FRANCISCO — Arguing that a trial court improperly dismissed his negligence claims against Twitter Inc. at the pleadings stage based on the statute of limitations and constructive notice, a Saudi dissident who blames Twitter for the hacking of his account asks the Ninth Circuit U.S. Court of Appeals to rehear his appeal en banc in light of a panel decision that split on the timeliness of his complaint.
-
December 10, 2024
Insured, 2nd CGL Insurer Seek Dismissal Of Coverage Suit Over BIPA Violation Claim
CHICAGO — An insured and the remaining commercial general liability insurer in its lawsuit seeking a declaration as to coverage for an underlying putative class lawsuit alleging that it violated the Illinois Biometric Privacy Act (BIPA) filed a stipulation asking an Illinois federal court to dismiss with prejudice all claims between them.