Mealey's Data Privacy

  • September 08, 2023

    Meta Pixel Privacy Suit Discovery To Include Files Of Zuckerberg, Executives

    SAN FRANCISCO — Meta Platforms Inc.’s searches for documents responsive to the discovery requests of the plaintiffs in a consolidated lawsuit over alleged sharing of patients’ protected health information (PHI) via Meta’s Pixel product will include searches of the files of six Meta executives, including its Chief Executive Officer Mark Zuckerberg, a California federal magistrate judge ruled, finding that their files were likely to include “unique, relevant information” that would not be available to other custodians who are junior employees.

  • September 05, 2023

    Smart Insulin Pen, App User Says Company Shared Personal Data

    LOS ANGELES — A user of a smart insulin pen and its corresponding app sued the manufacturer in a California federal court, alleging that the company improperly shared users’ personally identifiable information (PII) and protected health information (PHI) to Google and other third parties.

  • August 24, 2023

    Negligence, UCL Claims Against Wells Fargo For $22,500 Account Hack Dismissed

    SAN DIEGO — A California federal judge mostly granted a motion by Wells Fargo Bank N.A. to dismiss an account holder’s claims related to a purported theft of funds from his bank account by hackers, finding that the plaintiff did not sufficiently plead most of his claims against the financial institution, including allegations of negligence and violation of California’s unfair competition law (UCL).

  • August 24, 2023

    Judge Orders Claimants To Give Names, Comply With CertainTeed Debtor’s Subpoena

    CHARLOTTE, N.C. — Thousands of people who settled mesothelioma claims with CertainTeed Corp. or its spinoff debtor DBMP LLC must identify themselves and comply with the debtor’s subpoena seeking information they submitted to asbestos trusts because they did not show that there are “exceptional circumstances” allowing them to proceed anonymously, a North Carolina federal judge held in affirming a bankruptcy judge’s decision.

  • August 24, 2023

    TikTok, Users Debate Whether Biometric MDL Settlement Bars New Privacy Suits

    CHICAGO — In briefs filed at the behest of an Illinois federal judge, TikTok Inc. and the plaintiffs from a group of recently consolidated privacy suits against the social media operator argue over whether the year-old settlement of a multidistrict litigation over TikTok’s collection of users’ facial scans and other biometric data precludes the new lawsuits’ putative class claims of privacy violations via the company’s in-app browser (IAB).

  • August 24, 2023

    Covington, SEC Given 30 More Days To Appeal Order Compelling Client List

    WASHINGTON, D.C. — In response to a joint stipulation filed by Covington & Burling LLP and the Securities and Exchange Commission, a District of Columbia federal judge stayed for another 30 days the execution of an order requiring the law firm to produce a list of the names of certain of its clients that the commission wants in conjunction with an investigation related to a cyberattack.

  • August 23, 2023

    Plaintiff: T-Mobile Board Beholden To Parent Company Couldn’t Stop AI Data Move

    WILMINGTON, Del. — A telecommunications company was helpless to prevent an “aggressive and reckless scheme” centralizing data for use in training artificial intelligence that placed the data and shareholders at risk because its board was beholden to its parent company, plaintiffs told a Delaware judge in opposing dismissal.

  • August 22, 2023

    4th Circuit Vacates Class Certification Ruling In Marriott Data Breach Suit

    RICHMOND, Va. — A trial court’s failure to consider the impact of a putative class waiver, to which relevant customers of Marriott International Inc. agreed, prior to certifying several classes related to the hotel chain’s data breach was an error, a Fourth Circuit U.S. Court of Appeals panel ruled, vacating the certification ruling and remanding for consideration of the waiver.

  • August 22, 2023

    Judge Remands UCL Suit Accusing Telehealth Company Of Disclosing Private Data

    SAN FRANCISCO — A California federal judge granted a plaintiffs’ motion to remand to state court their putative class action against a telehealth provider for allegedly sharing their data in violation of California’s unfair competition law (UCL) after finding the provider equitably estopped from contending that its place of business is in Massachusetts, not California.

  • August 21, 2023

    Magistrate Stays MOVEit Data Breach Suits Pending JPMDL Consolidation Decision

    MINNEAPOLIS — Two weeks after staying a putative class action over a hacking incident attributed to a file transfer app vulnerability, a Minnesota federal magistrate judge issued a revised ruling staying other cases over related data breaches in the same district pending a ruling by the U.S. Judicial Panel on Multidistrict Litigation (JPMDL) on a motion to consolidate all such cases.

  • August 17, 2023

    Judge:  Electronic Data Exclusion Bars Coverage For Home Depot’s Data Breach Loss

    CINCINNATI — A federal judge in Ohio held Aug. 16 that an insurance policy’s electronic data exclusion bars coverage for Home Depot’s losses stemming from a 2014 data breach, granting the insurers’ motions for summary judgment in Home Depot’s breach of contract and bad faith lawsuit seeking damages up to the full collective policy limits of $50 million.

  • August 04, 2023

    Louisiana Panel Reverses Ruling For Insurer In Suit Alleging Insured Stole Files

    BATON ROUGE, La. — A Louisiana appeals panel held that a residential mortgage broker’s electronic loan files are “tangible” under state law and, therefore, can be defined as “‘property’ that is susceptible to ‘loss of use’” under a competitor’s business liability insurance policy, reversing a summary judgment ruling in favor of an insurer that intervened in the broker’s lawsuit alleging that its insured used stolen files to broker mortgage loans for its customers.

  • August 04, 2023

    Magistrate Again Dismisses Suit Against Google For Remote Schooling Hack

    OAKLAND, Calif. — A California federal magistrate judge dismissed several claims brought against Google LLC by a minor child who claims that Google invaded his privacy while he was required to use a Google platform for remote schooling during COVID-19 and failed to prevent a hack of his computer device that resulted in a sexually explicit message being sent to his teacher.

  • August 03, 2023

    Mesothelioma Defendants Defend Need For Blood Draw, Genetic Testing

    LOS ANGELES — A couple alleging that a man’s asbestos exposure led to his mesothelioma cannot now seek to block a blood draw for genetic testing that could potentially identify a genetic mutation that could go to the heart of the causation question in the case, defendants tell a California judge.

  • August 03, 2023

    Consolidated Class Suit Over U-Haul Data Breach Mostly Dismissed

    PHOENIX— Mostly granting a dismissal motion by U-Haul International Inc., an Arizona federal judge disposed of 11 of 12 putative class claims brought against the company related to a 2022 breach of its network, finding most of the federal and state claims over the theft of U-Haul customers’ personally identifiable information (PII) to be insufficiently pleaded.

  • August 02, 2023

    Apple Wants Confidential Materials Sealed In Privacy Suit Over Siri Recording

    OAKLAND, Calif. — Responding to a motion to consider whether certain deposition materials should be sealed, which was filed by the plaintiffs in a putative class action over purported unauthorized recording by Apple Inc.’s Siri, Apple asked a California federal court to seal the items because they contain “highly confidential and proprietary sensitive information” about the digital personal assistant.

  • August 01, 2023

    Washington Appeals Court Reverses Medicaid Data Order In Opioid Case

    SEATTLE — The Washington Court of Appeals on July 31 reversed a state trial court’s ruling allowing the release of certain information about opioid-related Medicaid claims to defendants Johnson & Johnson and Janssen Pharmaceuticals Inc.

  • July 28, 2023

    Magistrate Rules Against Insurer in Coverage Dispute Over BIPA Violations

    CHICAGO — A federal magistrate judge in Illinois on July 27 denied an insurer’s motion for judgment on the pleadings in its lawsuit disputing coverage for an underlying class action alleging that its insured violated the Biometric Information Privacy Act (BIPA), concluding that neither the ejusdem generis or noscitur a sociis canon resolves an ambiguity in the policy’s “recording and distribution,” “access or disclosure” and “employment-related practices” exclusions and that the exclusions’ plain text is so broad that they “would eliminate statutory claims for the ‘personal and advertising injury’” the policies allege to cover elsewhere.

  • July 27, 2023

    Contract, Eavesdropping Claims Survive In Data-Sharing Suit Against Hospital

    CHICAGO — Although an Illinois federal judge dismissed most of the putative class claims related to a health care company’s sharing of patient information with Meta Platforms Inc. and Google LLC via a web beacon, he found that claims for breach of contract and eavesdropping were sufficiently pleaded to survive a dismissal motion.

  • July 27, 2023

    Class Claims Over Website Tracking Dismissed For Lack Of Jurisdiction

    SAN DIEGO — A wellness website user who brought a putative class complaint alleging that her and other users’ interactions on the site are recorded and replayed in violation of California privacy laws failed to show that a federal court in California has subject matter jurisdiction or general or specific personal jurisdiction over the website operator, a federal judge ruled, granting dismissal with leave to amend.

  • July 26, 2023

    Appeal Of OPM Data Breach Settlement Dismissed For Lack Of Objection, Prejudice

    WASHINGTON, D.C. — A District of Columbia Circuit U.S. Court of Appeals panel unanimously dismissed an appeal of the October 2022 final approval that settled the eight-year old class action over a 2015 data breach experienced by the U.S. Office of Personnel Management (OPM), finding that the appellant did not establish that she is a class member bound by the settlement or that “she has been stripped of a legal claim or otherwise been prejudiced by the order.”

  • July 25, 2023

    Covington Must Disclose Some Clients’ Names To SEC In Response To Subpoena

    WASHINGTON, D.C. — The Securities and Exchange Commission is entitled to have access to the names of certain clients of Covington & Burling LLP whose material nonpublic information (MNPI) was accessed during a cyberattack, a District of Columbia federal judge ruled July 24, partly granting the SEC’s motion to enforce the subpoena, while trimming the number of clients from a list of 298 to just seven that were deemed relevant to the commission’s investigation.

  • July 25, 2023

    $350 Million Settlement Of T-Mobile Data Breach Suit Receives Final Approval

    KANSAS CITY, Mo. — One year after he preliminarily approved settlement of a multidistrict litigation over a 2021 data breach experienced by T-Mobile US Inc. and T-Mobile USA Inc. (T-Mobile, collectively), a Missouri federal judge granted final approval, finding that the agreement satisfied the requirements of Federal Rule of Civil Procedure 23(e).

  • July 21, 2023

    2 Facebook Users Oppose Final Approval Of $725M Profile-Sharing Suit

    SAN FRANCISCO — Two class members in the consolidated class action over the sharing of Facebook users’ personally identifiable information (PII) with Cambridge Analytica filed an objection in California federal court to the preliminarily approved settlement, calling the proposed $725 million settlement amount “an unjustifiable 99.9% discount of available statutory damages” that “is neither fair, reasonable nor adequate.”

  • July 21, 2023

    Judge Approves $25 Million Settlement Of FTC’s Child Privacy Claims Against Amazon

    SEATTLE — A Washington federal judge approved a $25 million stipulated order between the Federal Trade Commission and Amazon.com Inc., settling the commission’s claims of privacy violations by the online retailer’s collection of children’s voice recordings and transcripts via Amazon’s Alexa digital assistant.

Can't find the article you're looking for? Click here to search the Mealey's Data Privacy archive.