Newsletter RSS

Mealey's Data Privacy

  • March 04, 2025

    Union, Groups Sue To Stop DOGE, Others From Accessing Social Security Systems

    BALTIMORE — The Social Security Administration (SSA) “has access to some of the nation’s most sensitive data” of Americans, and U.S. DOGE Service and Elon Musk should not have unfettered access, a union, an advocacy group and a labor organization allege in a complaint filed in federal court in Maryland.

  • March 03, 2025

    Insurers Settle Coverage Dispute With Taco Bell Owners Over BIPA Violation Claims

    SPRINGFIELD, Ill. — The same day commercial general liability and umbrella insurers and the owners and operators of Taco Bell restaurants in Illinois indicated that they have agreed in principle to settle the insurers’ lawsuit seeking a declaratory judgment that they have no duty to defend and indemnify in an underlying class action alleging that the insureds violated the state’s Biometric Information Privacy Act (BIPA), a federal magistrate judge in Illinois issued an order on Feb. 28 noting that all scheduled hearings are vacated and any pending motions are rendered moot.

  • March 03, 2025

    $21 Million Settlement Of Suit Over Brokerage Firm’s Data Breach Gets Final OK

    CHICAGO — The same day that she presided over a fairness hearing for a proposed $21 million settlement of negligence, contractual and statutory claims over a 2020 data breach experienced by Arthur J. Gallagher Co. (AJG), an Illinois federal judge granted final approval to it, dismissing the case with prejudice.

  • February 28, 2025

    9th Circuit Reverses, Remands $800,000 Fee Award For $950,000 Class Settlement

    SAN FRANCISCO —  A panel of the Ninth Circuit U.S. Court of Appeals has reversed a trial court’s approval of $800,000 in attorney fees and costs for a claims-made data breach class settlement that had a redemption value of “at most” about $950,000, but a panel majority approved the underlying settlement with a dissenting judge calling the trial court’s approval “perfunctory.”

  • February 26, 2025

    Data Location Privacy Class Alleges Violations Of Washington My Health My Data Act

    SEATTLE — Mobile applications using the software development kit (SDK) from Amazon.com Inc. and Amazon Advertising LLC (together, Amazon) allow for Amazon to harvest location data directly from consumers’ devices without prior notice in violation of consumers’ privacy rights, a Washington woman alleges in a class complaint filed in a federal court in that state and purported to be the first complaint filed under Washington’s My Health My Data Act (MYMD), which was signed into law in 2023.

  • February 25, 2025

    Maryland Judge Enjoins OPM, DOE From Providing DOGE With Access To Records

    GREENBELT, Md. — Granting a temporary restraining order (TRO) motion filed by a group of veterans and labor organizations, a Maryland federal judge on Feb. 24 found that the “continuing, unauthorized discloser” of plaintiffs’ personally identifiable information (PII) to affiliates of the U.S. Department of Government Efficiency (DOGE) by the U.S. Office of Personnel Management (OPM) and the U.S. Department of Education (DOE) constituted “irreparable harm” that can only be adequately addressed via injunctive relief.

  • February 25, 2025

    2 Members Of Federal Oversight Board Allege Removals Were Unlawful

    WASHINGTON, D.C. — Two members of the U.S. Privacy and Civil Liberties Oversight Board (PCLOB) filed a complaint on Feb. 24 in District of Columbia federal court accusing President Donald J. Trump of removing them without cause, which threatens to silence the “independent advice” members of the board provide to Congress and the reporting members provide to Congress and the public “on how the government balances national security activities with privacy and civil liberties protections.”

  • February 25, 2025

    DOGE Dodges Injunction In Suit Brought By Privacy Group, Doe Plaintiff

    ALEXANDRIA, Va. — The Electronic Privacy Information Center (EPIC) and a Jane Doe federal government employee were denied a preliminary injunction to stop the U.S. Department of Government Efficiency (DOGE) from “running roughshod over core data protections and endangering the security of vital government systems,” with a Virginia federal judge finding that the plaintiffs did not establish irreparable harm to merit such an “extraordinary remedy.”

  • February 24, 2025

    7 Suits Over Insurer’s Data Breach Remanded To Wisconsin State Court

    MADISON, Wis. — A health insurance company did not establish that federal jurisdiction existed over seven putative class actions that it removed to Wisconsin federal court, a judge held, granting a motion to remand the suits over a 2024 data breach to state court, finding that exceptions to the Class Action Fairness Act (CAFA) defeated federal jurisdiction.

  • February 24, 2025

    DOGE Temporarily Enjoined From Accessing BFS Data, Payment Systems

    NEW YORK — Staff members of the U.S. Department of Government Efficiency (DOGE) were temporarily halted from accessing data and payment systems within the Bureau of Fiscal Services (BFS) on Feb. 21, when a New York federal judge granted a preliminary injunction motion filed by a group of 19 states that objected to access to files containing highly personal information of millions of Americans by DOGE.

  • February 21, 2025

    Groups Sue To Stop DOGE Access Of Internal Revenue Service Records, Systems

    WASHINGTON, D.C. — A taxpayer rights nonprofit, a small business network and two labor unions teamed up to file a complaint in District of Columbia federal court against the Internal Revenue Service, the U.S. Department of the Treasury and the U.S. Department of Government Efficiency (DOGE) to prevent the access of the private information of millions of taxpayers and small business owners by DOGE from the IRS data systems.

  • February 21, 2025

    No Temporary Restraining Order For States In Suit Against Musk, Trump, DOGE

    WASHINGTON, D.C. — A group of states seeking to halt purportedly unconstitutional actions being taken by the U.S. Department of Government Efficiency (DOGE) and Elon Musk related to government agencies’ data systems and personnel were denied their request for a temporary restraining order (TRO) by a District of Columbia federal judge, who found that the states did “not carr[y] their burden of showing that they will suffer imminent, irreparable harm absent a” TRO.

  • February 20, 2025

    Judge Permits ‘Mass Opt-Out’ From Eavesdropping Class Action Against Google

    SAN JOSE, Calif. — A California federal judge stated that she had “little hesitation” denying Google LLC’s motion to reject a “mass exclusion request” by nearly 70,000 Google Assistant (GA) users who seek to opt out of an unfair competition class action over Google’s purported eavesdropping via the digital assistant app and pursue arbitration of their privacy claims against the company instead.

  • February 20, 2025

    5 Federal Workers’ Class Suit Alleges Info Access Is Largest Breach Since Watergate

    WASHINGTON, D.C. — Federal officials’ decision to allow individuals from outside the U.S. government to access the “personal sensitive information” (PSI) of millions of federal workers “is the biggest breach of American trust by political actors since Watergate,” five federal employees allege in a class complaint filed in a federal court in the District of Columbia.

  • February 19, 2025

    Media Tech Insurer, Financial Services Firm Settle Data Breach Coverage Dispute

    SEATTLE — A media tech insurer that filed suit and its financial services firm insured filed a notice in a Washington federal court indicating they have settled the insurer’s lawsuit seeking a declaration that it has no duty to defend or indemnify the insured for a bank’s indemnification demand for a data breach incident and a related subrogation lawsuit brought by the bank’s insurer.

  • February 18, 2025

    Excess Insurer Appeals Ruling In BIPA Violation Coverage Dispute

    CHICAGO — An excess insurer filed a notice indicating that it is appealing an Illinois federal court’s ruling granting in part and denying in part cross-motions for summary judgment in a franchisee of the Burger King chain’s breach of contract lawsuit seeking a declaration that the insurer has a duty to defend against an underlying putative class lawsuit alleging that the insured violated the Illinois Biometric Information Protection Act (BIPA).

  • February 18, 2025

    TRO Denied In Federal Workers’ Privacy Suit Over OPM ‘Test’ Emails

    WASHINGTON, D.C. — Federal workers suing under pseudonyms who accuse the Office of Personnel Management (OPM) of failing to conduct and publish a privacy impact assessment (PIA) before allegedly sending out “test” emails the workers claim are being used to collect information on them failed to show “that they are likely to incur some irreparable injury” without a temporary restraining order (TRO), a federal judge in the District of Columbia ruled Feb. 17, denying a renewed TRO motion in the putative class case.

  • February 18, 2025

    Class Action Alleges Allstate Collected, Sold Data Without Plaintiffs’ Consent

    CHICAGO — A class action complaint filed in Illinois federal court alleges that The Allstate Corp. and its subsidiaries collected and sold the plaintiffs’ personal data and “‘trillions of miles’ worth of ‘driving behavior’” data without their consent.

  • February 18, 2025

    Minor Surveilled In Hospital Had Reasonable Expectation Of Privacy, Judge Rules

    SAN DIEGO — Finding that a hospital patient had a reasonable expectation to not be subjected to 24-hour surveillance in her hospital room, a California federal judge delivered a mixed-bag ruling to the hospital and other parties seeking dismissal of a complaint alleging privacy and civil rights violation, with many of the defendants being dismissed for failure to specify how they contributed to the claimed acts.

  • February 14, 2025

    Class Complaint Alleges Computer Fraud, Privacy Violations By Musk, Agencies

    WASHINGTON, D.C. — Six U.S. citizens filed a putative class complaint in District of Columbia federal court over purported privacy violations by the access to government systems and citizens’ personal data given to Elon Musk and the Department of Government Efficiency (DOGE).

  • February 14, 2025

    9th Circuit Rejects Appeal Of $725 Million Facebook Data-Sharing Suit Settlement

    SAN FRANCISCO — More than a year after a trial court approved the $725 million settlement of a consolidated class action over the 2015 sharing of Facebook users’ profiles with Cambridge Analytica, a Ninth Circuit U.S. Court of Appeals panel on Feb. 13 affirmed the approval over an appeal of the settlement and attorney fees amounts by two class members.

  • February 14, 2025

    14 States Sue Musk, Trump Alleging DOGE Violates Appointments Clause

    WASHINGTON, D.C. — Comparing Elon Musk’s recent actions, accessing of sensitive data from federal agencies’ computer systems, to “the abuses of an 18th century monarch,” a group of 14 U.S. states filed a complaint on Feb. 13 in a District of Columbia federal court, claiming that the free reign given to Musk and the U.S. Department of Government Efficiency (DOGE) violates the appointments clause of the U.S. Constitution.

  • February 13, 2025

    Preliminary Approval Given To $95 Million Settlement Of Siri Eavesdropping Suit

    OAKLAND, Calif. — A class action accusing Apple Inc. of collecting unauthorized recordings of Apple device users via its digital assistant Siri moved closer to resolution, with a California federal judge granting preliminary approval to a proposed $95 million settlement of the 5-1/2-year-old lawsuit.

  • February 13, 2025

    Labor Groups, Veterans Sue Federal Agencies Over DOGE Access To Private Info

    GREENBELT, Md. — A group of four labor organizations and six individuals who served in the U.S. armed forces filed a complaint against three federal agencies in Maryland federal court, contending that the access to federal files and systems granted to the recently formed Department of Government Efficiency (DOGE), including “Elon Musk and a cadre of loyalists,” runs counter to the protections of the Privacy Act and violates the Administrative Procedure Act (APA).

  • February 12, 2025

    Precious Metals Company Data Breach Class Claims Dismissed By Plaintiff

    DALLAS — A putative class action plaintiff filed a notice of voluntary dismissal in Texas federal court of his lawsuit accusing a Texas-based precious metals refiner of violating California’s unfair competition law (UCL) and other consumer protection laws by failing to take cybersecurity measures to stop a data breach that allowed access to the personally identifiable information (PII) of himself and class members.

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.