Mealey's Data Privacy
-
February 12, 2025
Fortra Data Breach MDL Judge OK’s 1 Settlement, Stays Case For Global Settlement
MIAMI — The Florida federal judge overseeing the multidistrict litigation over a 2023 software app data breach granted final approval to the settlement of one of the MDL’s tracks on Feb. 11, while staying proceedings for the remaining parties while details of an announced global settlement are finalized.
-
February 12, 2025
Group: DOGE Access Of OPM Treasury Data Is Largest ‘Data Breach In U.S. History’
ALEXANDRIA, Va. — In a complaint filed in Virginia federal court, the Electronic Privacy Information Center (EPIC) faults the U.S. Department of Personnel Management (OPM) and the Department of the Treasury for allowing “the unlawful misuse of critical data systems” by the newly formed Department of Government Efficiency (DOGE).
-
July 22, 2024
Claims Trimmed From Remanded Crypto Wallet Data Breach Suit
SAN FRANCISCO — A cryptocurrency wallet firm and two of its business partners saw their motions to dismiss a suit over a 2020 data breach partly granted, as a California federal judge found some claims to be preempted by a forum selection clause and others to be insufficiently pleaded.
-
February 12, 2025
Judge Dismisses Contractor, Allows Only UCL Claim In Crypto Wallet Data Breach Row
SAN FRANCISCO — A California federal judge granted a subcontractors’ motion to dismiss claims against it related to a crypto wallet data breach incident after finding the claims fall under a forum selection clause requiring exclusive jurisdiction in France despite it being a nonsignatory to the contract, but declined to dismiss the plaintiffs’ putative class claim accusing the French parent company of violating California’s unfair competition law (UCL).
-
February 11, 2025
Federal Worker Union Files 2 Complaints Over CFPB Halted Work, Data Access
WASHINGTON, D.C. — The National Treasury Employees Union (NTEU) filed two complaints in a federal court in the District of Columbia against the Consumer Financial Protection Bureau (CFPB) acting director, one seeking to halt the access to CFPB systems, including employee information, for members of the Department of Government Efficiency (DOGE) and one challenging the directive for CFPB employees to stop their supervision and enforcement work.
-
February 11, 2025
United States To High Court: Health Center Data Security Not ‘Related Function’
WASHINGTON, D.C. — The Fourth Circuit U.S. Court of Appeals correctly found that a federally funded community health center (CHC) is not entitled to immunity from a lawsuit over a data breach, the United States asserted in a brief opposing a South Carolina CHC’s petition for certiorari, because action taken to safeguard patients’ data is not a “related function” to its primary health care duties.
-
February 10, 2025
Trump, Treasury Oppose TRO Halting Expanded Access To Federal Funds Recipients’ Info
NEW YORK — President Donald J. Trump and the Treasury Department filed an emergency motion on Feb. 10 seeking to “dissolve, clarify, or modify” an ex parte temporary restraining order (TRO) that a New York federal judge issued in the wee hours of Feb. 8 that halts the implementation of a new policy that would expand access to the payment systems of the Treasury’s Bureau of Fiscal Services (BFS) from just the bureau’s employees to newly appointed special government employees (SGEs).
-
February 10, 2025
Class Suit Alleges 2 Genders-Only Passport Policy Violates U.S. Constitution
BOSTON — The removal of the option to designate “X” on passports for those individuals who do not identify as female or male or who wish to keep a specified gender off their passport in response to a Jan. 20 executive order (EO) violates the U.S. Constitution, seven U.S. citizens allege in a putative class complaint filed Feb. 7 in a federal court in Massachusetts.
-
February 10, 2025
TRO Request Denied In Suit Seeking To Halt DOGE’s Access To DOL’s Private Info
WASHINGTON, D.C. — A federal judge in the District of Columbia in a Feb. 7 memorandum opinion and order expressed “concerns” about the alleged access to nonpublic U.S. Department of Labor (DOL) information and data being provided to personnel from the newly formed Department of Government Efficiency (DOGE), but denied a motion for a temporary restraining order (TRO) filed by five unions and one nonprofit think tank for failure to establish standing.
-
February 10, 2025
TRO Ruling Deferred After Government Agrees Not To ID FBI Workers On Trump Cases
WASHINGTON, D.C. — The federal government will not publicly release the identities of Federal Bureau of Investigation workers involved in investigating two events involving President Donald J. Trump at least until after ruling is issued on anticipated motions for a preliminary injunction in two cases seeking to stop such disclosures, according to a consent decree signed by a federal judge in the District of Columbia on Feb. 7.
-
February 10, 2025
Judge Again Denies Data Analytics Firm’s Motion To Dismiss FTC Complaint
BOISE, Idaho — A data analytics company’s third motion to dismiss an unfair business practices complaint brought against it by the Federal Trade Commission recycled arguments already rejected in previous rulings, an Idaho federal court judge held, again finding that the commission sufficiently alleges substantial privacy and discrimination consumer harms from the collection and sale of their geolocation data.
-
February 10, 2025
Class Counsel Assigned In Consolidated Geisinger Health Data Theft Suit
WILLIAMSPORT, Pa. — A Pennsylvania federal judge concluded that the plaintiffs in a putative class action over a data theft incident experienced by Geisinger Health “would undoubtedly be well-served by either group of experienced and accomplished attorneys” proposed in competing motions to appoint class counsel; however, he selected the attorneys proposed by the plaintiff in the first-filed suit, finding them to be “best positioned to represent the interests of the class.”
-
February 07, 2025
5 Motions To Dismiss Bellwether Complaint Filed In MOVEit Data Breach MDL
BOSTON — The software company that designed the MOVEit file-transfer app filed a motion in Massachusetts federal court to dismiss the bellwether complaint in the massive multidistrict litigation over a 2023 ransomware attack that targeted the app, as did four of its clients, whose customers had their personal information exposed in the incident.
-
August 02, 2024
Data Breach Class Suits Against Health Care Provider, IT Vendor Consolidated
SCRANTON, Pa. — A federal judge in Pennsylvania has consolidated nine putative class actions against Geisinger Health and its third-party information technology services vendor stemming from the Nov. 29 discovery that a former employee of the vendor had accessed and acquired the personally identifiable information (PII) and personal health information (PHI) of individuals who received health care from the provider.
-
February 06, 2025
6th Circuit Stands By No Coverage Ruling In Home Depot’s Suit Over Data Breach
CINCINNATI — The Sixth Circuit U.S. Court of Appeals on Feb. 5 denied Home Depot’s petition seeking a panel rehearing of a majority ruling that affirmed an Ohio federal court’s finding that a commercial general liability insurance policy’s electronic data exclusion bars coverage for Home Depot’s losses stemming from a 2014 data breach.
-
February 06, 2025
Unions, Groups Allege DOGE Is Seizing Private Info While Dismantling Government
WASHINGTON, D.C. — Personnel from the newly formed Department of Government Efficiency (DOGE) have entered several federal agencies in the last two weeks, seized data, including “sensitive personnel data,” taken employment action against those who resist the efforts and started to transform or “fully dismantle” the agencies, five unions and one nonprofit think tank allege in a complaint filed in a federal court in the District of Columbia on Feb. 5, the same day the unions and group moved for a temporary restraining order to halt the seizure of data from the U.S. Department of Labor (DOL).
-
February 05, 2025
Privacy Suit Over Mental Health Site’s Data Sharing Mostly Survives Dismissal
PHOENIX — Two users of a mental health firm’s website adequately pleaded putative class claims for wiretapping, unfair competition and privacy over the site operator’s use of Meta Platforms Inc’s Pixel to collect and share users’ personal data, an Arizona federal judge ruled, mostly denying the operator’s dismissal motion.
-
February 05, 2025
CareFirst Data Breach Suit Settlement For Injunctive Relief Gets Initial OK
WASHINGTON, D.C. — A District of Columbia federal judge on Feb. 4 granted preliminary approval to a settlement of a decade-old putative class action over a health insurer’s 2014 data breach that offers only injunctive relief to class members.
-
February 05, 2025
FBI Workers Involved In Trump Cases File 2 Suits To Keep Identities Private
WASHINGTON, D.C. — Two complaints, one of which is a putative class action, and two motions for temporary restraining orders (TROs) were filed Feb. 4 by current and former employees of the Federal Bureau of Investigation and the Federal Bureau of Investigation Agents Association (FBIAA) in a federal court in the District of Columbia seeking to stop the publication or dissemination of a list allegedly being compiled of FBI employees who were involved in investigating two events involving President Donald J. Trump; the complaints allege that releasing the workers’ identifies will violate their privacy rights and put them at risk of retribution.
-
February 04, 2025
Home Depot Asks 6th Circuit To Rehear No Coverage Ruling In Data Breach Dispute
CINCINNATI — Home Depot filed a petition in the Sixth Circuit U.S. Court of Appeals seeking a panel rehearing of a majority ruling that affirmed an Ohio federal court’s finding that a commercial general liability insurance policy’s electronic data exclusion bars coverage for Home Depot’s losses stemming from a 2014 data breach.
-
February 04, 2025
Florida Judge Gives Final OK To $6.8 Million Settlement Of Hospital Data Breach Row
TAMPA, Fla. — A $6.8 million settlement of class claims over a hospital’s 2023 data breach achieved final approval from a Florida judge on Feb. 3, with attorney fees, costs and service awards also getting the thumbs up.
-
February 04, 2025
Plastic Surgeon Allegedly Failed To Protect Patient Data And Nude Photos From Hackers
LOS ANGELES — Eight patients on Feb. 3 filed suit in California federal court accusing a plastic surgeon and his medical practice of violating California’s unfair competition law (UCL) and other laws by failing to protect their data or prevent a cyberattack by hackers who obtained data including nude photographs of patients, some of which the hackers have allegedly posted online.
-
February 04, 2025
2 Unions, Group Sue Treasury Department Over Elon Musk’s Alleged Privacy Intrusion
WASHINGTON, D.C. — Less than two weeks after the Jan. 20 inauguration, Elon Musk and/or other members of the newly formed “Department of Government Efficiency” (DOGE) were provided unfettered access U.S. Treasury Department records in violation of the Privacy Act of 1974 and the Internal Revenue Code, an advocacy group and two unions, each with members that are current or former federal employees, allege in a complaint filed Feb. 3 in a federal court in the District of Columbia.
-
February 04, 2025
8th Circuit Upholds Remand Of Putative Class Suit Alleging Sharing Of Health Info
ST. LOUIS — A trial court’s remand of a putative class suit accusing a health care company of violating Missouri law by sharing private health information with third parties was upheld by an Eighth Circuit U.S. Court of Appeals panel that opined that federal jurisdiction did not exist under the federal officer removal statute or the Class Action Fairness Act (CAFA).
-
February 04, 2025
Federal Government Employees File Privacy Class Suit Over OPM ‘Test’ Emails
WASHINGTON, D.C. — Two federal workers referred to only as Jane Does filed a class complaint in a federal court in the District of Columbia accusing the Office of Personnel Management (OPM) of failing to conduct and publish a privacy impact assessment (PIA) before allegedly sending out “test” emails that the workers claim are being used to collect information on workers that is being sent to someone working for Elon Musk.