Newsletter RSS

Mealey's Data Privacy

  • November 06, 2024

    Winning Firm In Data Breach Arbitration Waives Response To Res Judicata Cert Petition

    WASHINGTON, D.C. — A company that experienced a 2019 data breach, which led to a canceled business agreement, a trade secret lawsuit and an arbitration in which it prevailed, waived its right to respond to a petition for certiorari in which its former client asks the U.S. Supreme Court to weigh in on when a court should decide the preclusive effect of a judgment on a related arbitration.

  • November 04, 2024

    Supreme Court Won’t Hear Suit Over Privacy Of Nevada Family Court Records

    WASHINGTON, D.C. — The U.S. Supreme Court on Nov. 4 declined to review a case in which a father involved in a custody dispute challenged a ruling in which a divided Nevada Supreme Court declared state laws to be unconstitutional because they presumptively sealed child custody court proceedings.

  • November 04, 2024

    LinkedIn Seeks Dismissal Of Wiretap, Privacy Claims In California Court

    SAN JOSE, Calif. — In the first of at least five lawsuits accusing LinkedIn Corp. of privacy violations related to its use of tracking pixels on advertisers’ websites, the professional network operator filed a motion in California federal court to dismiss the putative class action, calling it an attempt “to attack routine website analytics tools as a criminal wiretap.”

  • November 01, 2024

    Applying Texas Law To Biometric Privacy Suit, Judge Dismisses Illinois Law Claims

    DALLAS — Finding a Texas forum selection clause on Match Group Inc.’s websites to be valid, a Texas federal judge granted the company’s motion to dismiss putative class claims against it under the Illinois Biometric Information Privacy Act (BIPA), ruling that they failed as a matter of law.

  • October 31, 2024

    Negligence Claim Against Software Firm After Data Breach Dismissed Again

    SAN JOSE, Calif. — The creator of a file transfer program failed to establish that the facts alleged about a negligence claim in an amended class complaint were sufficiently different from the original complaint to merit dismissal of the claim that was previously dismissed, a California federal judge ruled, denying the software firm’s renewed dismissal motion in a lawsuit over a 2020 data breach.

  • October 31, 2024

    Privacy Claims Against YETI Did Not Establish Derivative Liability, Judge Finds

    SAN FRANCISCO — A customer of YETI Coolers LLC failed to show that the company was aware that its payment processing partner was improperly retaining and using consumers’ personally identifiable information (PII) or intentionally participated in these actions, a California federal judge found, granting YETI’s motion to dismiss putative class claims against it for invasion of privacy.

  • October 31, 2024

    Insureds Can’t Appeal Ruling Limiting Class Damages In Data Breach Suit

    WASHINGTON, D.C. — A group of policyholders who are the plaintiffs in a nine-year-old lawsuit over a 2015 data breach experienced by their insurer were denied the right to pursue an interlocutory appeal of a ruling that curtailed their ability to seek mitigation damages related to the theft of their personally identifiable information (PII), with the District of Columbia Circuit U.S. Court of Appeals deeming the damages issue not appealable because it “does not relate to class certification for purposes of” Federal Rule of Civil Procedure 23(f).

  • September 16, 2024

    Reconsideration Denied On Issue Of Mitigation Costs In Plaintiffs’ Data Breach Suit

    WASHINGTON, D.C. — A District of Columbia federal judge denied a motion for reconsideration and motion for leave to file an interlocutory appeal filed by plaintiff policyholders whose personally identifiable information (PII) was stolen in a 2014 data breach because the finding that mitigation costs are not recoverable in a breach of contract action under District of Columbia law has been the law of the case since 2019.

  • October 30, 2024

    10th Circuit Files Notice On Record In Social Media Moderation 1st Amendment Row

    DENVER  —  In an appeal to the 10th Circuit U.S. Court of Appeals by Utah officials of a district court ruling granting a preliminary injunction to an internet trade association to stop the enforcement of Utah legislation to moderate minors’ access to social media due to the law’s purported violation of the First and 14th amendments to the U.S. Constitution, the 10th Circuit clerk of court issued a notice advising that the lower court said its record is complete.

  • October 30, 2024

    Credit Unions Seek Final OK Of Wawa Data Breach Suit Settlement, Fees Award

    PHILADELPHIA — One year after preliminary approval was given to a settlement between a class of financial institutions (FIs) and Wawa Inc. in a suit over a 2019 data breach experienced by the convenience store chain, the FIs filed a motion in Pennsylvania federal court for final approval of the settlement, which is valued at $28.5 million, as well as a motion for an attorney fees and costs award of $8.5 million.

  • October 29, 2024

    Initial OK Given To $525,000 Settlement Of Philadelphia Inquirer Data Breach Suit

    PHILADELPHIA — Granting an unopposed motion to preliminarily approve the settlement of a putative class action brought by past and present employees against the Philadelphia Inquirer over a 2023 data breach, a Pennsylvania federal judge deemed the proposed agreement, which includes a $525,000 settlement fund, to be “fair, reasonable and adequate.”

  • October 28, 2024

    Mass. Supreme Court Finds Tracking Of Web Browsing Doesn’t Violate Wiretap Law

    BOSTON — Concluding that a state wiretapping statute pertains to person-to-person communications, a Massachusetts Supreme Judicial Court majority concluded that the act did not apply to a plaintiff’s claims that two hospitals tracked her web-browsing activities on their websites, leading it to reverse a trial court’s denial of the hospitals’ motions to dismiss.

  • October 25, 2024

    Alexa AI Voice Plaintiffs Seeking Class Certification Point To Recent BIPA Ruling

    CHICAGO — A federal judge recently certified a class action after finding that finger scans fell within the definition of fingerprints and were governed by the Illinois Biometric Information Privacy Act (BIPA), plaintiffs in a federal court in Illinois challenging the capture and use of voices for training the Alexa artificial intelligence said in an unopposed motion for leave to file supplemental authority.

  • October 25, 2024

    Doctor Seeks To Halt Enforcement Of New HIPAA Privacy Law

    AMARILLO, Texas — A Texas doctor filed a complaint against the U.S. Department of Health and Human Services (HHS) in Texas federal court, seeking a declaration that a newly passed modification to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which focuses on privacy for protected health information (PHI) related to reproductive health care, violates the Administrative Procedure Act (APA) and should be permanently enjoined from being enforced.

  • October 22, 2024

    Insurer Says It Owes No Defense, Indemnification For Data Breach Claim, Suit

    SEATTLE — A media tech insurer filed suit in a Washington federal court seeking a declaration that it has no duty to defend or indemnify its financial services firm insured against a bank’s indemnification demand for a data breach incident and a related subrogation lawsuit brought by the bank’s insurer.

  • October 21, 2024

    Magistrate Reduces Data Sample Google Must Produce In Assistant Eavesdropping Row

    SAN JOSE, Calif. — A California federal magistrate judge on Oct. 18 resolved a two-year-old discovery dispute in a class action over Google LLC’s purported eavesdropping of users of its Google Assistant (GA) app, reducing the number of user query samples the defendant must provide to the plaintiffs in light of a subsequent ruling certifying only a single class claim for unfair competition.

  • October 21, 2024

    Plaintiffs Settle Data-Sharing Suit With Univision After Class Certification Denied

    MIAMI — Two months after a Florida federal judge denied a motion to certify a class action against the operator of the Univision NOW website for its purported sharing of private video viewing information of the site’s users, the same judge administratively closed the lawsuit the same day the three named plaintiffs announced that they had reached a settlement with the defendant.

  • October 21, 2024

    Papa John’s Website User Asks 3rd Circuit To Rethink Jurisdiction Ruling

    PITTSBURGH — One month after a split Third Circuit U.S. Court of Appeals panel affirmed dismissal of a wiretapping lawsuit related to purported tracking of website activity by Papa John’s International Inc., the lead plaintiff in the putative class action filed a petition for rehearing, maintaining that he sufficiently established Pennsylvania jurisdiction over the pizza chain and contending that the majority’s ruling conflicted with Third Circuit and U.S. Supreme Court precedent.

  • October 18, 2024

    Delaware High Court Briefed On T-Mobile AI-Program Shareholder Derivative Action

    WILMINGTON, Del. — Instances where a director acts in the interests of a parent while sitting on the board of a subsidiary require a different standard because in such cases, there would be no paper trail evidence of an effort to provide profits only for the parent, a woman leading a shareholder derivative action says in asking the Delaware Supreme Court to revive a case alleging that a parent company directed T-Mobile US Inc. to centralize data for an artificial intelligence project, leaving the latter susceptible to cyberattack.  But in an answering brief, the appellees tell the court that the woman’s appeal was full of challenges she didn’t raise below and therefore had waived and that even on the merits, she could not show that the parent company alone would have profited from the data-sharing program.

  • October 17, 2024

    2nd Circuit Finds NBA Website User Is A Consumer And May Proceed With VPPA Suit

    NEW YORK — Reversing a trial court’s dismissal of a putative class action against the National Basketball Association (NBA) under the Video Privacy Protection Act (VPPA), a Second Circuit U.S. Court of Appeals panel concluded that the lead plaintiff qualifies as a consumer under the statute and that he has standing to sue for the NBA’s purported sharing of his personal viewing information (PVI) related to videos he watched on the NBA’s website.

  • October 15, 2024

    On Remand, News Group Dismisses Suit Over Hawaiian Medical Records Sealing Rule

    HONOLULU — Six weeks after the Ninth Circuit U.S. Court of Appeals found a Hawaii Court Records Rules (HCRR) requirement that medical and health records be sealed in court proceedings to be “overbroad” under the First Amendment to the U.S. Constitution, a nonprofit news organization that had initiated the challenge to the requirement dismissed its suit in Hawaii federal court.

  • October 15, 2024

    Arbitration Ordered In Class Suit Accusing Labcorp Of Sharing Health Info

    PHILADELPHIA — A federal judge in Pennsylvania granted a motion to compel individual arbitration in a putative class lawsuit accusing Laboratory Corporation of America Holdings (Labcorp) of intercepting individually identifiable health information from its website users and sending the information to Google, which analyzes the data, matches the information to individuals and then shares its analysis with Labcorp.

  • October 15, 2024

    Judge Tosses Class Action Alleging Insurance Provider Failed To Prevent Data Breach

    NEW YORK — One day after a plaintiff filed a notice of voluntary dismissal without prejudice of her class action complaint alleging that a financial organization that offers insurance, retirement and investment services primarily to teachers failed to prevent a May 2023 data breach that resulted in the theft of the personally identifiable information (PII) of its current and former clients, a New York federal judge ordered the case dismissed.

  • October 14, 2024

    Fan’s Suit Over Mets’ Use Of Biometric Identifiers Removed To Federal Court

    BROOKLYN, N.Y. — The company that owns the New York Mets removed a putative class action over the alleged violation of a New York City biometrics law to federal court, citing jurisdiction under the Class Action Fairness Act (CAFA).

  • October 14, 2024

    Privacy Claims Over Health Care Provider’s Use Of Facebook Pixel May Proceed

    OAKLAND, Calif. — Mostly denying a health care organization’s motion to dismiss putative class privacy claims against it, a California federal judge found that a plaintiff sufficiently alleged most of her claims that the defendant’s use of Facebook Pixel to forward URLs and other information from her use of the company’s website to the social media company violates California law and the state’s constitution.

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.