-
June 19, 2026
CHICAGO — Three days after the parties filed a stipulation of dismissal, a federal judge in Illinois dismissed an employer’s lawsuit seeking commercial general liability and umbrella insurance coverage for an underlying putative class action alleging that it violated the Illinois Biometric Information Privacy Act (BIPA) by disseminating electronic information derived from the scanning of its employees’ biometric identifiers to third parties without their consent.
-
June 19, 2026
WASHINGTON, D.C. — A District of Columbia federal judge granted final approval of a $515,000 nonreversionary class settlement and $2,500 service awards for each of two named plaintiffs in a suit alleging that a marine manufacturer failed to safeguard personally identifiable information (PII) of employees and benefit recipients that was allegedly accessed during an April 2023 cyberattack.
-
June 19, 2026
EAST ST. LOUIS, Ill. — An Illinois federal judge certified a class and two subclasses of Illinois citizens accusing Apple Inc. of violating the state’s Biometric Information Privacy Act (BIPA) through the iOS Photos app’s People album feature, holding that common questions predominate in the long-running biometric data suit because whether Apple collected or possessed biometric data without complying with BIPA written disclosure requirements can be resolved on a classwide basis.
-
June 18, 2026
SALT LAKE CITY — A Utah federal judge consolidated 33 actions arising from the same data breach, finding that the cases assert common causes of action against a web-based learning management system that provides services for school, seek certification of overlapping classes and call for determination of the same legal questions in litigation alleging that a cyberattack group exposed personally identifiable information (PII) maintained through the company’s online platform.
-
June 18, 2026
INDIANAPOLIS — An Indiana state judge granted final approval to a claims-made class action settlement resolving a data breach suit against an IT services company filed by a former employee, approving benefits that include reimbursement of up to $750 for ordinary losses, up to $5,000 for extraordinary fraud or identity theft losses, plus separate payments of $195,000 in attorney fees and expenses and a $2,500 service award.
-
June 17, 2026
LOS ANGELES — A California federal judge adopted as final his tentative ruling dismissing a putative class action brought by minors who allege that, while under age 13, their personally identifiable information (PII) was collected from Disney videos on YouTube in violation of California’s unfair competition law (UCL) and federal privacy laws, writing that the claims are insufficiently detailed because the plaintiffs do not allege which videos their children watched that were not designated “for kids.”
-
June 15, 2026
SPOKANE, Wash. — Saying in part that he did not conclude that the Family Educational Rights and Privacy Act (FERPA) “creates an evidentiary privilege,” a Washington federal judge granted a motion for a protective order in a student’s suit against a public community college “to the extent Plaintiff has not demonstrated relevance or that his need for the information outweighs any privacy interests.”
-
June 15, 2026
OAKLAND, Calif. — A California federal judge partly granted Google LLC’s motion to dismiss dormant claims in a proposed privacy class action over Chrome data collection but allowed Federal Wiretap Act, invasion of privacy, California Comprehensive Computer Data Access and Fraud Act (CDAFA) and declaratory relief claims to proceed after finding that Google had not shown at the pleading stage that the challenged data collection was consented to, exempt from the Federal Wiretap Act or tied to Google’s Chrome privacy representations.
-
June 09, 2026
SAN JOSE, Calif. — Two companies that operate the Grok artificial intelligence system asked a judge in a reply brief to compel a plaintiff who was granted permission to proceed under a pseudonym to use her real name, saying that doing so ensures federal rules are followed, furthers the public interest and does not implicate privacy concerns.
-
June 09, 2026
WASHINGTON, D.C. — The Federal Trade Commission ordered an education technology company to delete unnecessary data, limit future data retention and strengthen its information security program, resolving an administrative proceeding over alleged FTC Act violations tied to a breach that exposed the personal information of more than 10.1 million students.
-
June 09, 2026
WASHINGTON, D.C. — A group of Democratic organizations and lawmakers appealed the denial of preliminary injunctive relief in a District of Columbia federal court in consolidated challenges to President Donald J. Trump’s March 2026 voter data executive order (EO), while federal courts in related voter data litigation have dismissed or stayed several U.S. Department of Justice (DOJ) actions seeking unredacted statewide voter registration lists.
-
June 09, 2026
WASHINGTON, D.C. — The state of Wisconsin urged the U.S. Supreme Court to deny review of a Fourth Amendment challenge arising from a prosecution based on child sexual abuse material found after law enforcement viewed a hash-matched Snapchat CyberTip video without a warrant, arguing that the state high court’s private-search ruling was interlocutory, that the petition is a “poor vehicle” for resolving a circuit split and that the challenged issue would not affect the prosecution even if suppression were required.
-
June 04, 2026
BOSTON — Declining to issue an injunction pending appeal in a dispute that is playing out in two federal jurisdictions over a U.S. Department of Justice (DOJ) administrative subpoena, the First Circuit U.S. Court of Appeals said the movant “simplyhas not shown the irreparable harm required to obtain that ‘extraordinary’ relief.”
-
June 04, 2026
WASHINGTON, D.C. — In an 8-1 ruling issued June 4 by the U.S. Supreme Court in consolidated cases in which Verizon Communications Inc. and AT&T Inc. asserted constitutional challenges to the Federal Communications Commission’s enforcement of monetary forfeitures under the Communications Act, a majority held that the FCC’s forfeiture orders do not violate the Seventh Amendment to the U.S. Constitution because the forfeiture proceedings do not resolve the parties’ legal obligations.
-
June 04, 2026
WASHINGTON, D.C. — Invoking George Orwell’s warning that “‘Who controls the past controls the future; who controls the present controls the past,’” a District of Columbia federal judge partly granted preliminary injunction motions in two related challenges to the executive branch’s position that the Presidential Records Act (PRA) is unconstitutional, finding that the plaintiffs showed likely informational injury, reviewability, success on the merits, irreparable harm and a public interest in preserving presidential records during the litigation.
-
June 03, 2026
SAN FRANCISCO — A California federal judge granted final approval of a $1.2 million class action settlement and $5,000 service awards to both named plaintiffs in litigation alleging that a website operator violated the California Invasion of Privacy Act (CIPA) by using third-party trackers on a video game website to collect users’ IP addresses and other identifiers without consent, rendering the trackers unauthorized “‘pen registers’” under the statute.
-
June 01, 2026
WASHINGTON, D.C. — An individual whose personal data was allegedly accessed in a cyberattack filed a proposed class complaint in a District of Columbia federal court against a law firm, asserting that the firm failed to adequately safeguard sensitive information allegedly obtained from third parties and delayed notice for months after discovering unauthorized access to its systems.
-
May 29, 2026
LOS ANGELES — The California attorney general filed a complaint on behalf of the state against the successor entities of the 23andMe genetic testing company seeking civil penalties and injunctive relief for its alleged violations of California’s unfair competition law (UCL) and other laws based on the company’s failure to protect customers’ genetic data from a cyberattack.
-
May 29, 2026
SAN JOSE, Calif. — A California appeals court panel affirmed a lower court’s summary judgment ruling in favor of an excess errors and omissions insurer in Zoom Video Communications Inc.’s breach of contract lawsuit seeking coverage for the more than $6.6 million it paid to resolve a Federal Trade Commission (FTC) investigation and the $85 million that it paid to settle civil lawsuits challenging its data security practices, holding that the FTC’s civil investigative demand (CID) was not a claim to trigger coverage under the policy.
-
May 29, 2026
LOS ANGELES — A California federal judge largely granted motions to dismiss putative class claims brought by OnlyFans subscribers who say that they were deceived into paying extra fees to “chat” and share personal information with individual creators in violation of California’s unfair competition law (UCL) and other laws, when they in fact were talking with professional third-party “chatters,” dismissing most claims against the companies that operate the site but allowing a claim against the agencies that manage creators and chatters for sharing personal information.
-
May 29, 2026
LOS ANGELES — A California federal judge denied the National Collegiate Athletic Association (NCAA) and Turner Sports Interactive Inc.’s motion to stay a proposed class action alleging that third-party trackers on NCAA.com violated the pen register provision of the California Invasion of Privacy Act (CIPA) pending an appeal in an analogous website-tracking case, finding that the appeal did not justify delaying the litigation because its potential effect on the plaintiffs’ Article III standing theory was uncertain, resolution could take years and a stay could postpone relief for absent putative class members.
-
May 28, 2026
WASHINGTON, D.C. — The U.S. Supreme Court granted a joint motion to dismiss a petition for a writ of certiorari in putative class action litigation arising from an insurer’s data breach in which hackers gained access to nearly 3 million driver’s license numbers after the parties reached a settlement resolving the underlying dispute, leaving in place a Fourth Circuit U.S. Court of Appeals ruling that two named plaintiffs had Article III standing to seek damages based on the dark web posting of their driver’s license numbers.
-
May 28, 2026
DALLAS — One day after an insured and its cyber insurer filed a joint motion to dismiss, a federal judge in Texas dismissed the insured’s lawsuit seeking coverage for its more than $1.2 million in losses arising from a malware attack.
-
May 22, 2026
NEW YORK — A Missouri woman’s Video Privacy Protection Act (VPPA) putative class lawsuit against NBCUniversal Media LLC (NBCU) for allegedly improperly sharing her video-watching activities with third parties was properly dismissed for a third time by a federal judge in New York, a Second Circuit U.S. Court of Appeals ruled, opining that the woman’s “allegations are materially indistinguishable from the claims” in Solomon v. Flipps Media, Inc., which “is binding precedent in” the Second Circuit.
-
May 21, 2026
PITTSBURGH — A Pennsylvania federal magistrate judge granted summary judgment to a cybersecurity company and its former CEO in a long-running defamation dispute arising from the Federal Trade Commission’s investigation and enforcement action over a cancer-screening company’s alleged exposure of a patient information file on a peer-to-peer network, dismissing the remaining defamation per se claim over 2015 public statements describing the file as publicly available, exposed or leaked.