Mealey's Data Privacy

  • July 10, 2026

    Magistrate Judge Denies Warrant For Canvassing Cell-Site Simulator

    YOUNGSTOWN, Ohio — Issuing a memorandum and opinion denying a search warrant application in which the government sought permission to use a canvassing cell-site simulator (CCSS), an Ohio federal magistrate judge found that “the proposed CCSS does not satisfy the particularity requirement of the Fourth Amendment nor the prohibition against overbroad warrants.”

  • July 09, 2026

    Judge Allows Amended Complaint Filing In NetChoice Challenge To Maryland Minors’ Law

    BALTIMORE — A Maryland federal judge granted a motion to file a second amended complaint by NetChoice, an internet trade association representing Amazon, Google and others, finding that NetChoice demonstrated “good cause by showing that it acted diligently in this case” in its challenge to a Maryland law enacted to protect the online privacy of minors.

  • July 09, 2026

    Rescission Of Discovery Order Denied In Case Over SSA Records Access

    BALTIMORE — A federal judge in Maryland denied a motion to rescind an April discovery order in a suit by a union and two groups representing a combined 7 million Americans who opposed individuals working for U.S. DOGE Service and U.S. DOGE Service Temporary Organization (together, DOGE) being provided access to Social Security Administration (SSA) records.

  • July 09, 2026

    Ill. Orthopedic Group Settles Data Breach Consolidated Class Action For $4 Million

    CHICAGO — An Illinois orthopedic group with more than 100 locations will pay $4 million to end a consolidated class action by patients who alleged that their health information was potentially compromised in a data incident discovered by Illinois Bone and Joint Institute LLC (IBJI) in July 2024, according to an Illinois judge’s opinion granting final settlement approval.

  • July 09, 2026

    DOJ Sues Kentucky, Michigan And Minnesota To Compel SNAP Data Production

    The U.S. government filed three federal lawsuits seeking orders requiring Kentucky, Michigan and Minnesota’s Supplemental Nutrition Assistance Program (SNAP) administering agencies to provide the U.S. Department of Agriculture (USDA) with statewide SNAP eligibility, household, benefit-allotment and electronic benefit transfer (EBT) transaction records, alleging that the states violated the Food and Nutrition Act of 2008 (FNA) by refusing to comply with USDA’s May 15, 2026, records request.

  • July 09, 2026

    6th Circuit Upholds Dismissal Of Government’s Suit Seeking Michigan’s Voter List

    CINCINNATI — A divided Sixth Circuit U.S. Court of Appeals panel affirmed dismissal of the federal government’s suit seeking to compel Michigan to produce its unredacted statewide voter registration database, holding that the file falls outside the Civil Rights Act’s election records provisions because it is a state-created database rather than a record received from an outside source and because the government’s demand letters did not include a required basis or purpose.

  • July 09, 2026

    Apple Accused Of Falsely Advertising Safari’s Privacy In Putative Class Suit

    SAN JOSE, Calif. — A user of Apple Inc.’s proprietary web browser, Safari, filed a putative class action lawsuit in California federal court accusing Apple of violating California’s unfair competition law (UCL) and other laws by deceptively advertising the browser as “a private, secure web browser that does not disclose individuals’ personal information” when it allegedly allows third-party tracking of users’ data.

  • July 01, 2026

    U.S. Supreme Court Vacates And Remands 2 Geofence Warrant Rulings

    WASHINGTON, D.C. — Granting two separate certiorari petitions concerning geofence warrants, the U.S. Supreme Court on June 30 vacated decisions from the Texas Court of Criminal Appeals and the 11th Circuit U.S. Court of Appeals and remanded for further consideration in light of the high court’s one-day-old Chatrie v. United States ruling that accessing cellphone location evidence from Google under a geofence warrant constituted a search under the Fourth Amendment to the U.S. Constitution.

  • July 01, 2026

    Verizon Seeks Limited High Court Rehearing Of FCC Forfeiture Order Affirmance

    WASHINGTON, D.C. — In consolidated cases in the U.S. Supreme Court in which Verizon Communications Inc. and AT&T Inc. assert constitutional challenges to the Federal Communications Commission’s enforcement of monetary forfeitures under the Communications Act, Verizon filed a petition for rehearing seeking to modify the court’s disposition from affirmance to affirmance with a remand in the court’s holding that the FCC’s forfeiture orders do not violate the Seventh Amendment to the U.S. Constitution because forfeiture proceedings do not resolve the parties’ legal obligations.

  • June 30, 2026

    Trump Voter List, Mail-In Ballot Directives Blocked In States’ Challenge

    BOSTON — A Massachusetts federal judge denied dismissal and granted 23 states and the District of Columbia summary judgment granting declaratory and permanent injunctive relief in their challenge to a voter-data executive order, holding that the states had standing to pursue near-term election claims and that provisions requiring federal citizenship lists and U.S. Postal Service (USPS) mail-ballot restrictions for the 2026 election exceeded presidential authority, while declaring the executive order’s five-year election record preservation language precatory because Congress already has prescribed a record retention and Department of Justice (DOJ) access framework.

  • June 29, 2026

    Divided High Court Rules Search Occurred In Geofence Warrant Case

    WASHINGTON, D.C. — Concluding that accessing cellphone location evidence from Google under a geofence warrant constituted a search under the Fourth Amendment to the U.S. Constitution, the U.S. Supreme Court on June 29 vacated and remanded part of a Fourth Circuit U.S. Court of Appeals decision in a divided ruling that left significant questions for the Fourth Circuit to address.

  • June 29, 2026

    Insured, Insurer Reach Settlement In Principle Of Data Breach Coverage Suit

    ATLANTA— An insured and its insurer told a federal court in Georgia that they have reached a settlement in principle of the insured’s breach of contract and bad faith lawsuit seeking cyber defense coverage for putative class actions brought as a result of a 2024 data breach.

  • June 26, 2026

    7th Circuit: Plaintiff Fails To Show Insurer Is Liable For Telemarketer’s Calls

    CHICAGO — The Seventh Circuit U.S. Court of Appeals affirmed a lower federal court’s denial of a plaintiff’s request for class certification in his lawsuit seeking to hold an insurer liable under the Telephone Consumer Protection Act but reversed the court’s summary judgment ruling in favor of the plaintiff, holding that he failed to demonstrate that the insurer is vicariously liable for a telemarketer’s calls under any theory of agency law.

  • June 25, 2026

    Judge Partly Denies Online Pharmacy’s Motion To Dismiss Wiretap, CIPA Claims

    SAN FRANCISCO — A federal judge in California granted in part and denied in part an online pharmacy’s motion to dismiss claims under the federal Wiretap Act and denied its motion to dismiss claims under the California Invasion of Privacy Act (CIPA) in a putative class action alleging that the pharmacy configured and deployed Facebook’s pixel on its website and mobile application to facilitate the interception of users’ personal and health information by Meta Platforms Inc. without consent, refusing to dismiss either claim on the basis of consent to the extent the claim concerns the purported unlawful interception of personal health information.

  • June 24, 2026

    Media Company Asks High Court To Narrow VPPA Consumer Definition

    WASHINGTON, D.C. — A media and entertainment company argues in a June 23 respondent brief that the U.S. Supreme Court should affirm the Sixth Circuit U.S. Court of Appeals’ judgment that a California man is not a “‘consumer’” under the Video Privacy Protection Act (VPPA) because he subscribed only to a free newsletter, not to audiovisual goods or services from a videotape service provider and because the man’s contrary reading of the VPPA’s definition of “‘consumer’” would transform a targeted video-rental privacy statute into an internet-privacy law backed by statutory and punitive damages.

  • June 24, 2026

    High Court Vacates 6th Circuit Ruling In Murder-For-Hire Wiretap Dispute

    WASHINGTON, D.C. — The U.S. Supreme Court granted a petition for a writ of certiorari, vacated the Sixth Circuit U.S. Court of Appeals’ affirmance of a murder-for-hire conspiracy conviction and remanded for further consideration in light of the government’s position that the Federal Wiretap Act does not contain a clean-hands exception allowing prosecutors to use a secretly recorded FaceTime call in which the petitioner allegedly discussed paying two people to kill individuals who had criticized or threatened her.

  • June 24, 2026

    Some Challenges To Trump’s Voter Data Executive Order Allowed To Proceed

    BOSTON — A Massachusetts federal judge granted in part and denied in part motions to dismiss consolidated challenges to President Donald J. Trump’s voter data executive order, holding that claims concerning elections after Nov. 3, 2026, are prudentially unripe but that challenges concerning the 2026 midterm and earlier elections may proceed because the order imposes near-term agency deadlines and creates a “direct and immediate” dilemma for plaintiffs.

  • June 23, 2026

    Federal Judge Vacates 2025 Voting Citizenship Verification System, Notices

    WASHINGTON, D.C. — A federal judge in the District of Columbia on June 22 set aside and vacated the 2025 Systematic Alien Verification for Entitlements (SAVE) system and related notices, which were created in response to an executive order (EO) to verify the citizenship and immigration status of voters, as “contrary to law, arbitrary and capricious, in excess of statutory authority, and without observance of procedure required by law.”

  • June 23, 2026

    Restaurant Website Data Tracking Class Action Narrowed After Dismissal Ruling

    SAN FRANCISCO — A California federal magistrate judge granted in part and denied in part a second motion to dismiss a proposed class action alleging that restaurant companies continued tracking their website users after they declined cookies, holding that the website users cured earlier pleading defects but failed to adequately plead a wiretapping claim under the California Invasion of Privacy Act (CIPA) and could not proceed on certain time-barred CIPA claims tied to specific plaintiffs and restaurant-brand websites.

  • June 19, 2026

    Federal Judge Closes BIPA Violation Coverage Suit After Parties Seek Dismissal

    CHICAGO — Three days after the parties filed a stipulation of dismissal, a federal judge in Illinois dismissed an employer’s lawsuit seeking commercial general liability and umbrella insurance coverage for an underlying putative class action alleging that it violated the Illinois Biometric Information Privacy Act (BIPA) by disseminating electronic information derived from the scanning of its employees’ biometric identifiers to third parties without their consent.

  • June 19, 2026

    $515K Class Settlement OK’d In Marine Manufacturer Employee’s Data Breach Suit

    WASHINGTON, D.C. — A District of Columbia federal judge granted final approval of a $515,000 nonreversionary class settlement and $2,500 service awards for each of two named plaintiffs in a suit alleging that a marine manufacturer failed to safeguard personally identifiable information (PII) of employees and benefit recipients that was allegedly accessed during an April 2023 cyberattack.

  • June 19, 2026

    1 Class, 2 Subclasses Certified In Apple Biometric Data Class Action Case

    EAST ST. LOUIS, Ill. — An Illinois federal judge certified a class and two subclasses of Illinois citizens accusing Apple Inc. of violating the state’s Biometric Information Privacy Act (BIPA) through the iOS Photos app’s People album feature, holding that common questions predominate in the long-running biometric data suit because whether Apple collected or possessed biometric data without complying with BIPA written disclosure requirements can be resolved on a classwide basis.

  • June 18, 2026

    Utah Federal Judge Consolidates 33 Education Data Breach Complaints

    SALT LAKE CITY — A Utah federal judge consolidated 33 actions arising from the same data breach, finding that the cases assert common causes of action against a web-based learning management system that provides services for school, seek certification of overlapping classes and call for determination of the same legal questions in litigation alleging that a cyberattack group exposed personally identifiable information (PII) maintained through the company’s online platform.

  • June 18, 2026

    Data Breach Class Action Gets Final Approval After Appeals Court Remand

    INDIANAPOLIS — An Indiana state judge granted final approval to a claims-made class action settlement resolving a data breach suit against an IT services company filed by a former employee, approving benefits that include reimbursement of up to $750 for ordinary losses, up to $5,000 for extraordinary fraud or identity theft losses, plus separate payments of $195,000 in attorney fees and expenses and a $2,500 service award.

  • June 17, 2026

    Minors’ Claims Of Data Collection By Disney, YouTube Too Vague, Judge Says

    LOS ANGELES — A California federal judge adopted as final his tentative ruling dismissing a putative class action brought by minors who allege that, while under age 13, their personally identifiable information (PII) was collected from Disney videos on YouTube in violation of California’s unfair competition law (UCL) and federal privacy laws, writing that the claims are insufficiently detailed because the plaintiffs do not allege which videos their children watched that were not designated “for kids.”