Mealey's Data Privacy
-
August 02, 2024
Data Breach Class Suits Against Health Care Provider, IT Vendor Consolidated
SCRANTON, Pa. — A federal judge in Pennsylvania has consolidated nine putative class actions against Geisinger Health and its third-party information technology services vendor stemming from the Nov. 29 discovery that a former employee of the vendor had accessed and acquired the personally identifiable information (PII) and personal health information (PHI) of individuals who received health care from the provider.
-
August 01, 2024
Ohio Panel Affirms Discovery Ruling For Estate Administrator In Wrongful Death Case
CLEVELAND — Finding that the operators of a group residential facility for children failed to establish that information and documents sought by the administrator of the estate of a boy who died while under their care falls under the Health Insurance Portability and Accountability Act (HIPAA) or “is subject to any privilege such that they would be protected from discovery,” an Ohio appellate court affirmed a lower court’s ruling granting the administrator’s motion to compel.
-
July 31, 2024
Judge Nixes Claim That Facial Recognition In Samsung App Violates Data Privacy Law
CHICAGO — A federal judge in Illinois has granted a motion to dismiss a class action lawsuit against Samsung Electronics America Inc. brought by individuals who allege that facial recognition technology in Samsung’s Gallery photo application violates the Illinois Biometric Information Privacy Act (BIPA), ruling that the allegations are “insufficient” to show that the data constitute a biometric identifier or biometric information.
-
July 31, 2024
8th Circuit Reverses Attorney Fees Awarded In T-Mobile Data Breach Settlement
ST. LOUIS — A trial court abused its discretion in striking one of two objections to the $78.75 million attorney fees portion of a $350 million data breach class settlement between customers and T-Mobile US Inc., an Eighth Circuit U.S. Court of Appeals panel ruled, opining that the fees awarded were “unreasonable.”
-
July 30, 2024
Meta Will Pay $1.4 Billion To Settle Texas’ Biometric Data Privacy Lawsuit
MARSHALL, Texas — Meta Platforms Inc., formerly known as Facebook Inc., will pay $1.4 billion to end claims by Texas that it captured and used the personal biometric data of millions of state residents, according to an agreed final judgment filed in a Texas court on July 30.
-
July 29, 2024
Health Care Providers Sue, Allege Health Care Industry ‘Immobilized’ By Data Breach
MINNEAPOLIS — Health care providers in 21 states filed a class complaint in a federal court in Minnesota against a health insurer subsidiary that they say touches “one-in-three U.S. patient records” after a data breach allegedly carried out by hackers known as “ALPHV/Blackcat” accessed an unprotected network using an employee’s credentials and “wreaked havoc on the healthcare industry.”
-
July 25, 2024
California Woman Says Retailer Used AI Company To Illegally Analyze Calls
VENTURA, Calif. — A clothing retailer uses a third-party artificial intelligence company to intercept and analyze customer calls in violation of California law, a woman alleges in a class action filed in California state court.
-
July 24, 2024
Converse Granted Summary Judgment In Class Suit Over Privacy Of Chat Feature
LOS ANGELES — A Converse Inc. website user who sued the footwear and clothing company alleging that its website’s chat features recorded users’ messages without consent failed to establish any violation of California’s Invasion of Privacy Act (CIPA), including allegations that Converse aided and abetted third-party vendor Salesforce Inc., a federal judge in California ruled granting the retailer’s motion for summary judgment.
-
July 24, 2024
Judge Dismisses Putative Class Suit Against Google For Health Care Data Collection
SAN FRANCISCO — A California federal judge dismissed a consolidated class action complaint in which 12 anonymous plaintiffs accused Google LLC of violating of federal privacy statutes and California’s unfair competition law (UCL) by providing source code for “pixel tracking” of their private health care data, writing that the plaintiffs’ “vague” claims do not establish that Google intended to collect or did in fact receive their data.
-
July 24, 2024
Federal Judge: Email Recipient Who Sued Over ‘Spy Pixels’ Showed No Concrete Injury
PHILADELPHIA — An Arizona woman who filed a class complaint against Urban Outfitters Inc. (UO) over alleged embedded trackers in the company’s email that record, without consent, if and when marketing emails are opened failed to allege any concrete harm, a Pennsylvania federal judge ruled, dismissing the woman’s complaint for lack of standing.
-
July 24, 2024
In Data Breach Dispute, Plaintiff Raised Defense Of Judicial Estoppel Too Late
BOSTON — Claims arising from an alleged health data breach brought against a cybersecurity company should not be resolved under the doctrine of judicial estoppel because the company delayed in invoking the doctrine as an affirmative defense to such a degree that it prejudiced the plaintiff, a Massachusetts federal judge found in denying the cybersecurity company’s motion for judgment on the pleadings.
-
July 24, 2024
Federal Judge Dismisses Deceptive Trade Practices Claim In Data Breach Class Suit
NEW YORK — Union members who in a putative class complaint accuse their union of not keeping their personal information secure failed to sufficiently allege a claim under New York’s Deceptive Trade Practices Act (DTPA) as they did not allege that they “ever saw or relied upon the website’s privacy policy” and their “counsel conceded during oral argument that plaintiffs had not viewed it,” a federal judge in New York ruled, granting in part a motion to dismiss filed by UNITE HERE.
-
July 23, 2024
Florida Federal Judge Remands Data Breach Class Action For No Diversity
TAMPA, Fla. — A federal judge in Florida has remanded a class action against a Tampa hospital filed in the wake of a data breach, citing the absence of “minimal diversity” and calling the hospital’s argument for removal under the Class Action Fairness Act (CAFA) “wrong three times over.”
-
July 23, 2024
Plaintiffs Seek Preliminary Approval Of $115M Class Settlement With Oracle
SAN FRANCISCO — Plaintiffs have moved in California federal court seeking preliminary approval of a $115 million class settlement in a dispute with Oracle America Inc. over allegations that the company’s business practices “amount to a deliberate and purposeful surveillance of the general population via their digital and online existence.”
-
July 23, 2024
Getty Images Says Stability Stole For AI At ‘Staggering Scale’
WILMINGTON, Del. — In an amended complaint in a Delaware federal court, one of the world’s largest digital content distributors accuses artificial intelligence company Stability AI Ltd. of “brazen infringement” at a “staggering scale” through the copying of more than 12 million photographs from the company’s collection.
-
July 22, 2024
Claims Trimmed From Remanded Crypto Wallet Data Breach Suit
SAN FRANCISCO — A cryptocurrency wallet firm and two of its business partners saw their motions to dismiss a suit over a 2020 data breach partly granted, as a California federal judge found some claims to be preempted by a forum selection clause and others to be insufficiently pleaded.
-
July 19, 2024
Judge Tosses Most Of SEC Complaint Over Cyberattack For Failure To Show Falsity
NEW YORK — A federal judge in New York on July 18 largely dismissed a first-of-its-kind suit brought by the Securities and Exchange Commission against a software company and its head of information security accusing them of issuing false statements about the company’s software that was the target of alleged state-sponsored cyberattacks from Russia, finding that many of the SEC’s claims “impermissibly rely on hindsight and speculation.”
-
July 18, 2024
Consolidated Class Alleges Negligence, Consumer Fraud Over Mr. Cooper Data Breach
DALLAS — More than six months after a Texas federal judge consolidated more than a dozen putative class actions against a mortgage servicer Mr. Cooper Group Inc. over a 2023 data breach, the plaintiffs filed a consolidated complaint in which they bring claims for breach of contract, negligence and violation of a bevy of state consumer statutes against the company.
-
July 18, 2024
Meta Opposes Pixel Privacy Plaintiffs’ Bid To Reopen Discovery Briefing
SAN FRANCISCO — Disputing that it has reached an impasse with the plaintiffs who sued it for privacy violations related to the Pixel tracking tool, Meta Platforms Inc. asked a California federal court to reject their “manufactured urgency” in discovery proceedings and maintain a magistrate-ordered briefing moratorium while the parties continue discovery negotiations.
-
July 17, 2024
Judge Dismisses BetterHelp Customers’ Data Privacy Claims With Leave To Amend
SAN FRANCISCO — A California federal judge granted in part and denied in part an online therapy company’s motion to dismiss consolidated class action claims that it violated California’s unfair competition law (UCL) and several other statutes by failing to adequately protect customers’ personal data, finding certain claims insufficiently pleaded but granting the plaintiffs leave to amend.
-
July 16, 2024
County, Hospital Seek Dismissal Of Suit Over Minor Patient’s Surveillance
SAN DIEGO — Invasion of privacy, civil rights and other claims against San Diego County, a hospital and other parties over in-hospital surveillance of a suspected child abuse victim merit dismissal for failure to allege specific violations by individual defendants, among other reasons, the defendants tell a California federal court.
-
July 15, 2024
9th Circuit Affirms Remand Of Data-Sharing Class Claims Against Medical Center
PASADENA, Calif. — A Ninth Circuit U.S. Court of Appeals panel affirmed a judge’s ruling remanding putative class action claims for invasion of privacy and violation of California’s unfair competition law (UCL) against a health care provider based on its usage of various tracking tools in its website and app, finding that federal directives regarding online patient access do not create “federal officer jurisdiction.”
-
July 12, 2024
On Remand, Judge Dismisses Kids’ Privacy Claims Against YouTube, Google
SAN JOSE, Calif. — A California federal magistrate judge court granted YouTube LLC, Google LLC and several YouTube kids’ channel-operators’ motion to dismiss minor plaintiffs’ putative class claims for violating their privacy and consumer protection statutes, including California’s unfair competition law (UCL), by collecting the minors’ personally identifiable information (PII).
-
July 12, 2024
Anonymous Messaging App And Founders Must Pay $5M, Ban Minors Under Consent Order
LOS ANGELES — The Federal Trade Commission and the state of California jointly filed a consent order in California federal court with a company that operates an anonymous messaging app and two of its founders requiring the defendants to pay $5 million and permanently enjoining the company from allowing minors to use its app, resolving claims that the company violated the Children’s Online Privacy Protection Act (COPPA), California’s unfair competition law (UCL) and other laws.
-
July 10, 2024
Insurer Disputes Coverage For BIPA Suits Over Food Phone Orders Handled By AI
CHICAGO — A businessowners insurer filed suit in an Illinois federal court seeking a declaratory judgment that it owes no coverage for two underlying putative class action lawsuits alleging that its insured and two franchise restaurants violated the Illinois Biometric Information Privacy Act (BIPA) when they used the insured’s voice artificial intelligence technology to handle phone orders from customers.