Newsletter RSS

Mealey's Data Privacy

  • November 18, 2025

    Stay Denied Due To No Irreparable Injury Showing In Centralized Database Case

    WASHINGTON, D.C. — A federal judge in the District of Columbia in a Nov. 17 opinion noted doubt about “the lawfulness of” the federal government’s centralized database of Americans’ personal data but denied a motion for a stay filed by several nonprofits and individuals based on the failure to demonstrate irreparable injury as the database changes have already been made.

  • November 18, 2025

    N.C. Judge Approves $2.45M Website Tracking Software Settlement With Health System

    RALEIGH, N.C.  — A North Carolina state court judge on Nov. 17 approved a class action settlement between patients and former patients of a hospital system and the hospital system in a suit asserting that software on the hospital’s website captured their information and sent it to Facebook without their consent, finding that the $2.45 million settlement “is fair, reasonable, adequate, and in the best interest of the settlement class.”

  • November 18, 2025

    Texas Dental Practice Will Pay $1M To End Patients’ Data Breach Class Suit

    AMARILLO, Texas — A Texas-based dental and orthodontic care practice accused of failing to protect the personally identifiable information (PII) and private health information (PHI) of more than 3,800 patients will pay $1 million to settle two patients’ class action complaint, according to a final settlement approval signed by a judge in Texas.

  • November 14, 2025

    ‘Opt-Outs’ From $95 Million Siri Eavesdropping Settlement Appeal To 9th Circuit

    OAKLAND, Calif. — Nearly 13,000 purported class members and objectors who allegedly opted out of a $95 million settlement of a 6-year-old class action accusing Apple Inc. of collecting unauthorized recordings of Apple device users via its Siri digital assistant filed notice in California federal court that they will appeal the court’s final approval of the settlement to the Ninth Circuit U.S. Court of Appeals.

  • November 13, 2025

    Judge Issues $4.4 Million Final Judgment In Meta Fraud Suit Against Spyware Firm

    OAKLAND, Calif. — A California federal judge on Nov. 12 issued a final judgment of $4,447,190 in favor of WhatsApp Inc. (now known as WhatsApp LLC) and its parent company Facebook Inc. (now known as Meta Platforms Inc.) and against NSO Group Technologies Ltd. and its parent company after a jury found that the defendants violated a California computer fraud law in a suit accusing the defendants of acquiring unauthorized access to individuals’ WhatsApp accounts.

  • November 12, 2025

    Panel Affirms Denial Of Motion For Surveillance, GPS Evidence In Drug Arrest Appeal

    MIAMI — An 11th Circuit U.S. Court of Appeals panel affirmed a lower court judge’s denial of a defendant’s motion to compel production of evidence that was the basis for a search warrant of his home, comprising audio/video surveillance, GPS data and the identity of a confidential informant, finding that the defendant failed to show on appeal the evidence sought was material and that he “only speculated that the evidence would be exculpatory.”

  • November 12, 2025

    University Of Pennsylvania Alumna Files Class Suit Following Data Breach

    PHILADELPHIA — The University of Pennsylvania (UPenn) failed to protect its network containing personally identifiable information (PII) of students, alumni, faculty and donors, resulting in cybercriminals obtaining access to the university’s systems and sending “‘a series of mass emails’” to more than 700,000 people that were critical of the university’s security practices and institutional culture, a UPenn alumna alleges in a putative class complaint filed against the school’s trustees in a federal court in Pennsylvania.

  • November 11, 2025

    Consolidation Of 13 Data Breach Class Action Cases Granted, Interim Counsel OK’d

    MILWAUKEE — A Wisconsin federal judge consolidated 13 class action lawsuits against a corporation over a 2023 data breach that exposed personal information of its employees and clients; the judge additionally granted the consolidated plaintiffs’ request to appoint interim co-lead class counsel and an executive committee to oversee the coordinated litigation.

  • November 10, 2025

    Government Gets OK For Amicus Argument In High Court Subpoena Case

    WASHINGTON, D.C. — In its Nov. 10 order list, the U.S. Supreme Court granted a motion by the U.S. Solicitor General to participate as amicus curiae and for divided oral argument on Dec. 2 in a dispute concerning a non-self-executing subpoena for information including the identity of pregnancy center donors.

  • November 07, 2025

    Federal Judge Grants Final Approval Of $1.35M Settlement Of Data Breach Suit

    BALTIMORE — A Maryland federal judge granted final approval of a $1.35 million settlement of negligence, contractual and other claims in a consolidated lawsuit brought against a health care provider following a 2023 data breach, holding that the “settlement is fair, reasonable, and adequate” and satisfies the requirements of Federal Rule of Civil Procedure 23.

  • November 07, 2025

    Election Watchdogs Urge Supreme Court Review Of Voter Data Access Dispute

    WASHINGTON, D.C. — Election integrity advocacy groups filed amicus curiae briefs urging the U.S. Supreme Court to review a Third Circuit U.S. Court of Appeals ruling that vacated a lower court’s order and dismissed for lack of standing a suit seeking disclosure of voter record data under the National Voter Registration Act (NVRA), arguing that the case tests whether denial of access to legally required public information can constitute an injury sufficient to establish standing under Article III of the U.S. Constitution.

  • November 06, 2025

    Ransomware Data Breach Class Suit Resolved With $1.9M Settlement

    MINNEAPOLIS — A Minnesota federal judge entered judgment after granting final approval to a $1.9 million settlement resolving class claims including for violation of California’s unfair competition law (UCL) against a data hosting vendor on behalf of individuals whose personal data was hacked during a ransomware attack on the vendor’s accounting and health care customers, with the plaintiffs’ counsel awarded more than $633,000 in attorney fees.

  • November 05, 2025

    Health Care Data Breach Settlement Giving Up To $5,000 Per Claimant Wins Approval

    NASHVILLE, Tenn. — A federal judge in Tennessee has determined that a settlement of class claims over a health care provider’s 2023 data security incident is “fair, reasonable, and adequate,” making official the judge’s prior ruling that granted preliminary approval to an agreement that provides payments of up to $5,000 for each claimant in the settlement class. The judge also approved attorney fees and expenses totaling $3.1 million.

  • November 04, 2025

    Judge Dismisses Coverage Suit Over Claims Dental Office Violated Privacy Rights

    CHICAGO — Four days after a commercial general liability insurer filed a notice of voluntary dismissal, a federal judge in Illinois on Nov. 3 dismissed without prejudice the insurer’s lawsuit seeking a declaration that it has no duty to defend or indemnify for an underlying putative class action alleging that its dental office insured violated privacy rights through its use of internet tracking that collected private information without notice and without consent.

  • November 04, 2025

    California, Sling TV Settle Action Alleging Violations Of Data Privacy Laws

    LOS ANGELES — California Attorney General Rob Bonta announced a settlement between the state of California and streaming service Sling TV LLC in an action alleging that the streaming service violated the California Consumer Privacy Act (CCPA) by not providing easy-to-use opt-out methods for consumers who choose to stop the sale of their personal information and not providing sufficient privacy protections for children.

  • November 03, 2025

    DOJ Subpoena Seeking Gender-Affirming Care Patient Data Quashed By Federal Judge

    SEATTLE — A Washington federal judge granted a gender-affirming care provider’s motion to quash a U.S. Department of Justice subpoena that sought patient medical and communications data, holding that the subpoena was politically motivated, overbroad and an abuse of investigative authority; in the same order, the judge denied the provider’s motion to seal proceedings but granted its motion to strike a DOJ praecipe that improperly introduced new evidence in violation of local rules.

  • November 03, 2025

    Parties In Workers’ Duty-Free Shops Data Breach Case Stipulate To Dismissal

    CENTRAL ISLIP, N.Y. — A federal judge in New York on Oct. 31 dismissed a putative class action by two former employees against the operators of airport duty-free shops after the parties stipulated to dismissal of the individual and class claims without prejudice; the stipulation of dismissal was filed two months after the case was stayed pending mediation.

  • October 31, 2025

    Trio Of Dismissal Rulings Issued In Data Breach Snowflake MDL

    BUTTE, Mont. — Less than a week after granting final approval of two class settlements totaling $13.5 million, a federal judge in Montana issued a trio of orders addressing motions to dismiss filed in a multidistrict litigation over data breaches experienced by Snowflake Inc., a data storage firm, that impacted a number of its clients.

  • October 31, 2025

    N.J. High Court Will Consider Whether Data Shield Law Liability Needs Mens Rea

    TRENTON, N.J. — The New Jersey Supreme Court accepted two certified questions from the Third Circuit U.S. Court of Appeals, agreeing to consider whether a finding of liability under a New Jersey law that provides for deletion of public officials’ private information from data brokers’ records requires a determination of a defendant’s mental state.

  • October 29, 2025

    Sports Streaming Company Tells High Court Circuit Split Over VPPA Is ‘Illusory’

    WASHINGTON, D.C. — A sports streaming company filed a brief urging the U.S. Supreme Court to deny a Texas woman’s petition for certiorari in which she asks the court to determine what constitutes “personally identifiable information” (PII) under the Video Privacy Protection Act (VPPA), writing that the issue is of “dwindling importance” and that the petitioner’s claimed circuit split over the issue is “illusory” and “merely semantic.”

  • October 29, 2025

    Medical Center Did Not Violate Privacy Act, California Federal Judge Says

    SAN FRANCISCO — A California federal judge entered judgment in favor of a medical center following the issuance of two summary judgment orders in which the judge determined that a claim alleging violation of the California Invasion of Privacy Act (CIPA) based on the center’s use of Meta Platforms Inc.’s code to track website activity and later target ads to Facebook users cannot proceed because the medical center did not violate the statute, which the judge described in one of the orders as “badly drafted.”

  • October 29, 2025

    Merits Briefing In Subpoena Case Concludes; High Court Sets Argument

    WASHINGTON, D.C. — The U.S. Supreme Court has scheduled oral argument for Dec. 2 in a dispute concerning a non-self-executing subpoena for information including the identity of pregnancy center donors, and merits briefing concluded with the filing of three amicus curiae briefs by entities that — like the respondent, New Jersey’s attorney general — urge the high court to affirm the challenged ruling against the center operator.

  • October 28, 2025

    2 Settlements Totaling $13.5M Approved In Snowflake MDL

    BUTTE, Mont. — A federal judge in Montana issued two orders granting final approval of $3.5 million and $10 million settlements with The Neiman Marcus Group LLC and Advance Auto Parts Inc. and Advance Stores Co. Inc. (together, Advance), respectively, in a multidistrict litigation over data breaches experienced by a data storage firm.

  • October 28, 2025

    Speedway’s $12.1M Settlement Approved In Worker’s Finger-Scan Class Case

    CHICAGO — A federal judge in Illinois granted final approval of a more than $12.1 million class settlement by Speedway LLC, ending a worker’s complaint accusing the company of unlawfully collecting, using, storing and disclosing workers’ biometric data.

  • October 27, 2025

    Judge Joins Cases Against Otter.ai Related To Notetaker App Privacy Concerns

    SAN FRANCISCO — A judge in California federal court has consolidated litigation brought by individuals who argue that Otter.ai Inc. does not obtain prior consent of all participants in a virtual meeting before its Notetaker transcription app is engaged to record a conversation, ruling that claims brought by multiple plaintiffs involve substantially similar allegations and claims.