Newsletter RSS

Mealey's Data Privacy

  • September 25, 2024

    Plaintiffs, Google Update Status Of Suit Over $5.5M Cookie Privacy Suit Settlement

    WILMINGTON, Del. — Following the lifting of a stay in a lawsuit where the plaintiffs sued Google LLC for purported privacy violations, the parties filed a joint status report in a Delaware federal court saying the 12-year-old case is “essentially at the same procedural posture as in 2015” after the court denied final approval of a $5.5 million settlement.  The plaintiffs noted that they have prepared discovery to address class issues and proceed to class certification, asserting that if they are able to demonstrate that the putative class is ascertainable, then the settlement should be granted final approval.

  • September 25, 2024

    Investors, Facebook Agree On Risk Question, Disagree On What High Court Should Do

    WASHINGTON, D.C. — Meta Platforms Inc., formerly Facebook Inc., investors tell the U.S. Supreme Court in a Sept. 24 respondent brief that they agree with Facebook as to the answer to the limited question before the justices regarding disclosure of immaterial past risks but argue that the Ninth Circuit U.S. Court of Appeals’ ruling should be upheld as it was correct when it opined that Facebook issued misleading statements about the risk of potential misuse of user data because the company was aware that it had already occurred.

  • September 25, 2024

    Most Claims Survive Dismissal In Forta Data Breach MDL Case

    MIAMI — Ruling that the plaintiffs in a consolidated putative class action arising from a 2023 data security breach adequately allege standing, a Florida federal judge granted dismissal for failure to state a claim only as to all or part of 11 of the 27 claims; he said he would allow repleading on four of the claims, but the plaintiffs opted to forgo repleading.

  • September 25, 2024

    Judge Dismisses ‘Magic Avatars’ AI Biometric Data Case After Period To Amend Ends

    CHICAGO — A federal judge in Illinois dismissed an action in which a man claimed that his photographs and other biometric information are included in datasets used to train a third-party artificial intelligence that powers an image rendering application after the man failed to file an amended complaint in the wake of dismissal of his action.

  • September 24, 2024

    Google Partially Granted Summary Judgment In Ovulation Tracking App Suit

    SAN FRANCISCO — Female consumers who used the Flo Period & Ovulation Tracker app and are now suing the app creator and third parties for privacy and contract violations as well as unfair competition law (UCL) claims under California law abandoned their defense of their UCL claims against Google LLC and failed to show that Google has actual knowledge of the alleged practices, a federal judge in California ruled Sept. 23, partially granting Google’s motion for summary judgment.

  • September 24, 2024

    Data Breach Class Suit Against Casino Operator May Proceed, Judge Rules

    LAS VEGAS — A Nevada federal judge granted in part and denied in part a casino operator’s motion to dismiss putative class action claims against it for negligence, violation of California’s unfair competition law (UCL) and other statutes on behalf of a nationwide class and a California subclass in relation to a 2022 breach of its servers that led to the leak of more than 200,000 people’s personal identifying information (PII).

  • September 19, 2024

    5th Circuit Dismisses Government’s Appeal In Health Information Privacy Row

    NEW ORLEANS — The Fifth Circuit U.S. Court of Appeals dismissed the government’s appeal of a Texas federal judge’s ruling that two hospitals and two hospital associations were correct that  a standard established in two recent U.S. Department of Health and Human Services (HHS) subagency bulletins for determining when online tracking technology has unlawfully gathered internet users’ individually identifiable health information (IIHI) exceeded HHS’s authority, after the government moved to voluntarily dismiss its appeal.

  • September 19, 2024

    Judge Approves $6.5M Settlement For Breach Of Prisoners’ Health Data

    LEXINGTON, Ky. — A Kentucky federal judge on Sept. 17 granted final approval of a nearly $6.5 million class action settlement including $2.1 million in attorney fees against a claims administrator for correctional facilities for a 2022 data breach that led to the personal health data of nearly 600,000 people being posted online.

  • September 19, 2024

    Preliminary Approval Of Settlement Granted In Payroll Processor Data Breach Suit

    LOS ANGELES — A California state court judge granted preliminary approval of a settlement in a putative class action suit against an entertainment industry payroll processor whose alleged failure to implement cybersecurity measures to protect the plaintiffs’ personally identifiable information (PII) resulted in a data breach impacting more than 450,000 individuals, staying litigation in the case pending final approval of the settlement.

  • September 19, 2024

    Sending Google Settlement Funds To Only Cy Pres Groups ‘Legal Error,’ Objectors Say

    SAN FRANCISCO — Approval of a plan to distribute most of a $62 million settlement in a consolidated class action over Google Inc.’s collection of users’ location data to cy pres organizations while class members receive nothing runs afoul of a revised rule of federal procedure, warranting reversal and remand, three settlement objectors tell the Ninth Circuit U.S. Court of Appeals in their opening brief.

  • September 19, 2024

    Failure To Allege NFL Prerecorded Videos Were Viewed Deemed ‘Fatal’ To VPPA Claim

    NEW YORK — A federal judge in New York dismissed a putative class complaint accusing the National Football League of violating the Video Privacy Protection Act (VPPA) by sharing personal data about users of the NFL’s website, mobile application and video service with a third party, opining that the lead plaintiff’s failure to allege that prerecorded videos were viewed was “fatal” to the complaint.

  • September 19, 2024

    Planned Parenthood’s $6M Data Breach Class Settlement Given Final OK

    LOS ANGELES — A $6 million settlement by Planned Parenthood Los Angeles (PPLA) to end a consolidated class complaint accusing the reproductive health care provider of failing to protect patients’ personally identifiable information and protected health information from being accessed and stolen was granted final approval by a California judge, following the submission of additional documentation.

  • September 18, 2024

    Class Action Alleges Insurance Provider Negligently Failed To Prevent Data Breach

    NEW YORK —A class action complaint was filed in a New York federal court against a financial organization that offers insurance, retirement and investment services primarily to teachers, alleging that the defendant failed to prevent a May 2023 data breach that resulted in the theft of the personally identifiable information (PII) of its current and former clients.

  • September 17, 2024

    New Mexico Officials Appeal Ruling That Voter Data Was Wrongfully Withheld

    ALBUQUERQUE, N.M. — New Mexico’s attorney general and secretary of state filed a notice of appeal to the 10th Circuit U.S. Court of Appeals following a New Mexico federal judge’s ruling that the state violated the rights of a nonprofit voter participation organization under the First Amendment to the U.S. Constitution by withholding publicly available state voter data from the nonprofit organization.

  • September 17, 2024

    23andMe Asks MDL Judge To Approve $30M Data Breach Settlement

    SAN FRANCISCO — Genetic data company 23andMe Inc. filed a brief urging the U.S. District Court for the Northern District of California to grant preliminary approval to a $30 million settlement to resolve claims in a multidistrict litigation brought by plaintiffs whose genetic data on 23andMe’s website was hacked and offered for sale online and asking the court to enjoin separate litigation and arbitrations brought against it for the breach that it says could “jeopardize . . . the Settlement.”

  • September 17, 2024

    Pa. Health Provider’s $65M Data Breach Settlement Granted Preliminary Approval

    SCRANTON, Pa. — A Pennsylvania judge granted preliminary approval of a $65 million settlement to be paid by Lehigh Valley Health Network Inc. (LVHN) to end a class complaint alleging that a February 2023 data breach resulted in the disclosure of personal information and medical records, including nude photographs.

  • September 16, 2024

    Reconsideration Denied On Issue Of Mitigation Costs In Plaintiffs’ Data Breach Suit

    WASHINGTON, D.C. — A District of Columbia federal judge denied a motion for reconsideration and motion for leave to file an interlocutory appeal filed by plaintiff policyholders whose personally identifiable information (PII) was stolen in a 2014 data breach because the finding that mitigation costs are not recoverable in a breach of contract action under District of Columbia law has been the law of the case since 2019.

  • September 13, 2024

    Judge Grants Injunction In 1st Amendment Row Over Utah Social Media Moderation Law

    SALT LAKE CITY — In a decision addressing two cases challenging Utah state legislation to moderate social media content for minors, a Utah federal judge in the first case granted a preliminary injunction to an internet trade association company seeking to prevent enforcement of the legislation, finding that the trade association is likely to succeed on the merits of its claim that the law violates the First and 14th amendments to the U.S. Constitution.

  • September 13, 2024

    Utah Judge Rules For Insurer In Coverage Dispute Over Ill. BIPA Violation Claims

    SALT LAKE CITY — A Utah judge entered judgment in favor of a general liability insurer in its declaratory judgment lawsuit disputing coverage for an underlying action alleging its insured violated the Illinois Biometric Information Privacy Act (BIPA), finding that various policy exclusions bar coverage.

  • September 13, 2024

    Judge Finds Jurisdiction, Standing In Medical Provider Data Breach Class Action

    SHERMAN, Texas — Plaintiffs who claim to have suffered loss of value in data and emotional distress from a breach of personal information at a medical provider’s practice correctly sued in federal court because they have standing and have adequately linked their damages to the breach, a federal judge in Texas said in partly denying and partly granting the provider’s motion to dismiss.

  • September 11, 2024

    BIPA Violation Suit Did Not Trigger Coverage, Illinois Majority Rules In Reversal

    CHICAGO — A majority of an Illinois appeals court panel on Sept. 10 held that an underlying lawsuit alleging that an insured violated the Biometric Information Privacy Act did not trigger coverage under its “Cyber, Data Risk, and Media Insurance” policies, reversing the lower court’s summary judgment ruling in favor of the insured and remanding for the court to enter summary judgment in favor of the insurer on the issue of its duty to defend.

  • September 10, 2024

    Hunter Biden Wins Attorney Fees From Laptop Files Poster

    SAN FRANCISCO — A California federal judge on Sept. 9 granted Hunter Biden’s motion for attorney fees against a conservative activist and his organization, whom Biden accuses of violating computer fraud laws and California’s unfair competition law (UCL) by posting data from his private laptop online, finding that Biden is entitled to fees incurred defending against a frivolous motion to strike pursuant to California’s anti-Strategic Lawsuit Against Public Participation (SLAPP) law.

  • September 10, 2024

    Health Care Biller Will Pay $2.8M To Settle Claims Against It In Data Breach MDL

    BOSTON — A federal judge in Massachusetts in a Sept. 9 order granted preliminary approval of a $2.8 million settlement to be paid by a health care billing company that is one of a number of defendants in a data breach multidistrict litigation (MDL) that was created in the federal court after a ransomware gang stole the personally identifiable information (PII) of nearly two million individuals from hundreds of businesses that use MOVEit software.

  • September 09, 2024

    3rd Circuit Issues 1 Personal Jurisdiction Ruling In 2 Wiretapping Software Cases

    PITTSBURGH — A split Third Circuit U.S. Court of Appeals panel in a single opinion addressing jurisdiction in two putative class cases involving wiretapping software affirmed dismissal of one lawsuit for lack of personal jurisdiction and vacated dismissal of the other and remanded for the trial court to apply the traditional test in Ford Motor Co. v. Mont. Eighth Jud. Dist. Ct.

  • September 06, 2024

    Judge ‘Cautions’ WhatsApp, Denies Reconsideration To Spyware Firm In Fraud Dispute

    OAKLAND, Calif. — A California federal judge on Sept. 5 denied a spyware firm’s motion for reconsideration of the judge’s order denying as moot the firm’s request to compel WhatsApp Inc.’s production of a privilege log in WhatsApp’s suit against the firm related to its alleged computer fraud because WhatsApp has now produced the log but “caution[ed]” WhatsApp that what it calls ‘“oversights’ may be grounds for a different type of sanction.”

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.