Mealey's Data Privacy
-
July 28, 2025
7 Suits Over University’s Data Breach Consolidated In Tennessee Federal Court
CHATTANOOGA, Tenn. — Seven separately filed putative class actions against a college that was hit by a data breach were consolidated by a Tennessee federal judge who granted the plaintiffs’ motion to that end, with the judge holding that maintaining separate suits “would pose unnecessary cost and delay,” while consolidation “will help ensure consistent and efficient adjudications.”
-
July 28, 2025
Judge Trims Claims In Suit Over Mortgage Company’s Ransomware Incident
DALLAS — A consolidated putative class action over a 2023 data breach and ransomware attack experienced by Mr. Cooper Group Inc. will proceed with fewer claims after a Texas federal judge partly granted the firm’s motion to dismiss, disposing of contractual and privacy claims.
-
July 23, 2025
VPPA Suit Against Stock Video Site Dismissed For Failure To State A Claim
NEW YORK — Although two plaintiffs alleged that a video-viewing website shared their viewing information with Meta Platforms Inc. via its pixel tracking tool, a New York federal judge found that they did not establish that the website shared any personal information that would permit an “ordinary person” to identify them from this viewing data, granting the site operator’s motion to dismiss for failure to state a claim.
-
July 23, 2025
Privacy Suit Against Data Broker Mostly Survives Dismissal Motion
OAKLAND, Calif. — A putative class action suit accusing a data broker of compiling a massive database including details on nearly every adult in the United States will largely proceed, with a California judge granting the broker’s dismissal motion only related to a claim for declaratory judgment, which he found did not qualify as a stand-alone claim.
-
July 22, 2025
State, Federal Suits Over Health Care Firm’s Data Breach Settle For $6.5 Million
ST. LOUIS — A Missouri state court judge granted final approval to an agreement that settles lawsuits against a health management services firm from two state courts and a federal court with a settlement fund of $6.5 million and attorney fees of $2 million.
-
July 22, 2025
Judge Approves Injunctive Relief-Only Settlement Of CareFirst Data Breach Suit
WASHINGTON, D.C. — A District of Columbia federal judge granted final approval to a settlement that resolved the lone remaining claim against CareFirst Inc. in a decade-old class action over a 2014 data breach, deeming the agreement, which provides only injunctive relief for the consolidated class, “fair, reasonable, and adequate.”
-
July 22, 2025
Doctor Insured: Hidden Cameras Constitute Physical Alteration, Loss Of Use
NEW YORK — A doctor argues to the Second Circuit U.S. Court of Appeals that a lower federal court erred in dismissing her breach of contract lawsuit seeking business interruption and umbrella coverage for her losses arising from discovery of hidden cameras at her dermatology office, asserting that the hidden cameras constituted a physical alteration and loss of use and satisfied her insurance policy’s direct physical loss or damage requirement.
-
July 21, 2025
Judge Dismisses Privacy Suits By FBI Agents Who Worked On Trump Cases
WASHINGTON, D.C. — Federal Bureau of Investigation agents and a nonprofit organization who in two complaints seek to stop the publication or dissemination of a list allegedly being compiled of FBI employees who were involved in investigating two events involving President Donald J. Trump have made claims that “are too speculative,” a federal judge in the District of Columbia ruled, granting a motion to dismiss filed by the U.S. Department of Justice (DOJ) and the United States.
-
July 18, 2025
On Day 2 Of Meta Trial, Zuckerberg, Officers, Directors Settle With Shareholders
WILMINGTON, Del. — On the second day of a trial in Delaware state court over shareholders’ claims of fiduciary breaches by the officers and directors of Meta Platforms Inc. (formerly Facebook Inc.) centering on the company’s high profile consumer privacy issues, the shareholders on July 17 filed a notice informing the court that the parties had settled the almost 15-year-old lawsuit.
-
July 18, 2025
Lawsuit Over Database Site’s Use Of Photos, Personal Info May Proceed, Judge Rules
SEATTLE — Two days after he denied a motion to compel arbitration by the operator of an online professional services database, a Washington federal judge also denied the company’s motions to dismiss and to strike class allegations, allowing putative class publicity rights claims to continue.
-
July 17, 2025
Dismissal Denied In Antitrust, Hacking Lawsuits Over Car Dealership Software
SAN FRANCISCO — A California federal judge issued rulings largely denying motions to dismiss in two lawsuits filed against each other by competitors in the auto dealership management system (DMS) market, which have accused each other of hacking proprietary data and antitrust violations blocking access to the market in violation of California’s unfair competition law (UCL) and antitrust law.
-
July 16, 2025
9th Circuit Affirms Dismissal Of Suit Against Microsoft, Says Microsoft Owns Data
SAN FRANCISCO — The Ninth Circuit U.S. Court of Appeals on July 15 affirmed a lower court’s order dismissing with prejudice a breach of contract suit filed by an internet security company against Microsoft Corp. alleging that Microsoft used the company’s services outside the scope of the contract to recover compromised account credential data, finding that the company’s allegations fail to show that Microsoft had a duty to limit its use of the data provided.
-
July 16, 2025
Stay Extended In Geisinger Data Breach Suit As Parties Finalize Settlement
WILLIAMSPORT, Pa. — Granting a joint motion to extend an existing stay in a consolidated, putative class action against a health care provider and its tech services vendor after a 2023 data breach, a Pennsylvania federal judge gave the parties 60 days to prepare a motion for preliminary approval of their recently announced settlement.
-
July 16, 2025
9th Circuit Affirms Dismissal Of California Wiretap Claims Over Converse Chat App
PASADENA, Calif. — A partly divided Ninth Circuit U.S. Court of Appeals panel agreed with a trial court’s dismissal of claims under the California Invasion of Privacy Act (CIPA) against Converse Inc., finding no evidence that the company wiretapped a plaintiff’s message to the company that was sent via a website chat app.
-
July 15, 2025
While Meta Seeks Mandamus Over Zuckerberg Deposition, Plaintiffs Move To Enforce
SAN FRANCISCO — Three days after Meta Platforms Inc. filed a petition for mandamus with the Ninth Circuit U.S. Court of Appeals, contending that the “apex doctrine” precludes a trial court’s order for the deposition of Chief Executive Officer Mark Zuckerberg, the plaintiffs alleging privacy violations from Meta’s purported gathering of their personal health information (PHI) from hospital websites asked the lower court to enforce the deposition order.
-
July 15, 2025
School District Asks High Court To Resolve Conflicting FERPA Interpretations
WASHINGTON, D.C. — Asserting that the congressional intent behind the Family Education Rights and Privacy Act of 1974 (FERPA) was to prevent the disclosure of student materials without the consent of students or parents, a school district filed a petition for certiorari, asking the U.S. Supreme Court to clear up conflicting court interpretations over enforcement of the statute alongside state public records acts (PRAs) and to find that it properly withheld surveillance videos sought in connection with bullying complaints.
-
July 14, 2025
Per Confidential Agreement In Blackbaud Data Breach MDL, Settlement Fund Approved
COLUMBIA, S.C. — In accord with a joint request by Blackbaud Inc. and the plaintiffs who sued it in a multidistrict litigation after a 2020 data breach, a South Carolina federal judge approved and established a qualified settlement fund (QSF) to be used in a confidential settlement of all claims against the cloud services company.
-
July 11, 2025
Google Settles Menstrual App Privacy Claims, Is Granted Stay From Pending Trial
SAN FRANCISCO — Two weeks before the scheduled start of a trial over privacy class claims related to an ovulation-tracking app, a California federal judge granted a motion to stay the case against one of the defendants — Google LLC — in light of its reported settlement in principle with the consolidated plaintiffs.
-
July 11, 2025
Debt Collector To Supreme Court: A Letter Is Not An Intrusion Upon Seclusion
WASHINGTON, D.C. — A debt collection firm filed a petition for certiorari, asking the U.S. Supreme Court to find that a single letter errantly sent to a debtor, rather than his attorney, is not comparable to the tort of intrusion upon seclusion and, thus, does not constitute a concrete injury sufficient to establish jurisdiction for a claim under The Fair Debt Collection Practices Act (FDCPA).
-
July 11, 2025
Privacy Suit Over TD Bank’s Use Of Meta Pixel Dismissed As Insufficiently Pleaded
CAMDEN, N.J. — A New York man’s putative class complaint over his bank’s purported sharing of his information with Meta Platforms Inc. was dismissed by a New Jersey federal judge, who found that the plaintiff failed to identify examples of his personal financial information (PFI) that were shared without his consent.
-
July 10, 2025
Forum Selection Clause Issue Certified For Appeal In Crypto Wallet Data Breach Row
SAN FRANCISCO — Declining to grant partial final judgment as to dismissed claims and defendants in a putative class action over a crypto-asset wallet firm’s 2020 data breach, a California federal judge, instead, granted interlocutory appeal on the issue of whether subcontractors of the wallet maker can avail themselves of a forum selection clause in the lead defendant’s terms of service (TOS).
-
July 09, 2025
Judge Stays FTC, Meta Dispute Over Privacy Consent Order Changes
WASHINGTON, D.C. — Granting a motion to stay by Meta Platforms Inc., a District of Columbia federal judge issued a minute order putting the brakes on a suit in which the social media company accuses the Federal Trade Commission of exceeding its constitutional authority related to a consent order over Meta’s purported privacy violations, finding that a decision in a parallel suit in the same district between the same parties will likely be dispositive on the present suit.
-
July 08, 2025
Bankruptcy Judge Approves $305 Million Purchase Of 23andMe And Data Transfer
ST. LOUIS — In approving the sale of bankrupt genetic-testing firm 23andMe Holding Co. to a company run by its former chief executive officer, a Missouri federal bankruptcy judge also approved the transfer of 23andMe’s customers’ genetic data to the purchaser, overruling the objections of states that had expressed concerns over privacy of the genetic data.
-
July 08, 2025
Argument Set For Data Brokers’ Motion To Dismiss Claims Over N.J. Data Shield Law
CAMDEN, N.J. — A few days after a New Jersey federal judge partly denied a group of data brokers’ motion to dismiss 42 lawsuits over a New Jersey law that prevents the disclosure of the data of law enforcement and other officials for safety reasons, he set an August argument date to consider arguments that the suit should be dismissed as unconstitutional and preempted by federal law.
-
July 07, 2025
3rd Circuit Affirms $3.2M In Attorney Fees, Costs In Wawa Data Breach Suit
PITTSBURGH — Assessing a trial court judge’s review on remand of a $3.2 million attorney fees and costs award to consumers’ class counsel in a class action over Wawa Inc.’s 2019 data breach, a Third Circuit U.S. Court of Appeals panel upheld the judge’s finding that the award did not contain a clear sailing agreement and was not the result of collusion.