-
June 09, 2026
SAN JOSE, Calif. — Two companies that operate the Grok artificial intelligence system asked a judge in a reply brief to compel a plaintiff who was granted permission to proceed under a pseudonym to use her real name, saying that doing so ensures federal rules are followed, furthers the public interest and does not implicate privacy concerns.
-
June 09, 2026
WASHINGTON, D.C. — The Federal Trade Commission ordered an education technology company to delete unnecessary data, limit future data retention and strengthen its information security program, resolving an administrative proceeding over alleged FTC Act violations tied to a breach that exposed the personal information of more than 10.1 million students.
-
June 09, 2026
WASHINGTON, D.C. — A group of Democratic organizations and lawmakers appealed the denial of preliminary injunctive relief in a District of Columbia federal court in consolidated challenges to President Donald J. Trump’s March 2026 voter data executive order (EO), while federal courts in related voter data litigation have dismissed or stayed several U.S. Department of Justice (DOJ) actions seeking unredacted statewide voter registration lists.
-
June 09, 2026
WASHINGTON, D.C. — The state of Wisconsin urged the U.S. Supreme Court to deny review of a Fourth Amendment challenge arising from a prosecution based on child sexual abuse material found after law enforcement viewed a hash-matched Snapchat CyberTip video without a warrant, arguing that the state high court’s private-search ruling was interlocutory, that the petition is a “poor vehicle” for resolving a circuit split and that the challenged issue would not affect the prosecution even if suppression were required.
-
June 04, 2026
BOSTON — Declining to issue an injunction pending appeal in a dispute that is playing out in two federal jurisdictions over a U.S. Department of Justice (DOJ) administrative subpoena, the First Circuit U.S. Court of Appeals said the movant “simplyhas not shown the irreparable harm required to obtain that ‘extraordinary’ relief.”
-
June 04, 2026
WASHINGTON, D.C. — In an 8-1 ruling issued June 4 by the U.S. Supreme Court in consolidated cases in which Verizon Communications Inc. and AT&T Inc. asserted constitutional challenges to the Federal Communications Commission’s enforcement of monetary forfeitures under the Communications Act, a majority held that the FCC’s forfeiture orders do not violate the Seventh Amendment to the U.S. Constitution because the forfeiture proceedings do not resolve the parties’ legal obligations.
-
June 04, 2026
WASHINGTON, D.C. — Invoking George Orwell’s warning that “‘Who controls the past controls the future; who controls the present controls the past,’” a District of Columbia federal judge partly granted preliminary injunction motions in two related challenges to the executive branch’s position that the Presidential Records Act (PRA) is unconstitutional, finding that the plaintiffs showed likely informational injury, reviewability, success on the merits, irreparable harm and a public interest in preserving presidential records during the litigation.
-
June 03, 2026
SAN FRANCISCO — A California federal judge granted final approval of a $1.2 million class action settlement and $5,000 service awards to both named plaintiffs in litigation alleging that a website operator violated the California Invasion of Privacy Act (CIPA) by using third-party trackers on a video game website to collect users’ IP addresses and other identifiers without consent, rendering the trackers unauthorized “‘pen registers’” under the statute.
-
June 01, 2026
WASHINGTON, D.C. — An individual whose personal data was allegedly accessed in a cyberattack filed a proposed class complaint in a District of Columbia federal court against a law firm, asserting that the firm failed to adequately safeguard sensitive information allegedly obtained from third parties and delayed notice for months after discovering unauthorized access to its systems.
-
May 29, 2026
LOS ANGELES — The California attorney general filed a complaint on behalf of the state against the successor entities of the 23andMe genetic testing company seeking civil penalties and injunctive relief for its alleged violations of California’s unfair competition law (UCL) and other laws based on the company’s failure to protect customers’ genetic data from a cyberattack.
-
May 29, 2026
SAN JOSE, Calif. — A California appeals court panel affirmed a lower court’s summary judgment ruling in favor of an excess errors and omissions insurer in Zoom Video Communications Inc.’s breach of contract lawsuit seeking coverage for the more than $6.6 million it paid to resolve a Federal Trade Commission (FTC) investigation and the $85 million that it paid to settle civil lawsuits challenging its data security practices, holding that the FTC’s civil investigative demand (CID) was not a claim to trigger coverage under the policy.
-
May 29, 2026
LOS ANGELES — A California federal judge largely granted motions to dismiss putative class claims brought by OnlyFans subscribers who say that they were deceived into paying extra fees to “chat” and share personal information with individual creators in violation of California’s unfair competition law (UCL) and other laws, when they in fact were talking with professional third-party “chatters,” dismissing most claims against the companies that operate the site but allowing a claim against the agencies that manage creators and chatters for sharing personal information.
-
May 29, 2026
LOS ANGELES — A California federal judge denied the National Collegiate Athletic Association (NCAA) and Turner Sports Interactive Inc.’s motion to stay a proposed class action alleging that third-party trackers on NCAA.com violated the pen register provision of the California Invasion of Privacy Act (CIPA) pending an appeal in an analogous website-tracking case, finding that the appeal did not justify delaying the litigation because its potential effect on the plaintiffs’ Article III standing theory was uncertain, resolution could take years and a stay could postpone relief for absent putative class members.
-
May 28, 2026
WASHINGTON, D.C. — The U.S. Supreme Court granted a joint motion to dismiss a petition for a writ of certiorari in putative class action litigation arising from an insurer’s data breach in which hackers gained access to nearly 3 million driver’s license numbers after the parties reached a settlement resolving the underlying dispute, leaving in place a Fourth Circuit U.S. Court of Appeals ruling that two named plaintiffs had Article III standing to seek damages based on the dark web posting of their driver’s license numbers.
-
May 28, 2026
DALLAS — One day after an insured and its cyber insurer filed a joint motion to dismiss, a federal judge in Texas dismissed the insured’s lawsuit seeking coverage for its more than $1.2 million in losses arising from a malware attack.
-
May 22, 2026
NEW YORK — A Missouri woman’s Video Privacy Protection Act (VPPA) putative class lawsuit against NBCUniversal Media LLC (NBCU) for allegedly improperly sharing her video-watching activities with third parties was properly dismissed for a third time by a federal judge in New York, a Second Circuit U.S. Court of Appeals ruled, opining that the woman’s “allegations are materially indistinguishable from the claims” in Solomon v. Flipps Media, Inc., which “is binding precedent in” the Second Circuit.
-
May 21, 2026
PITTSBURGH — A Pennsylvania federal magistrate judge granted summary judgment to a cybersecurity company and its former CEO in a long-running defamation dispute arising from the Federal Trade Commission’s investigation and enforcement action over a cancer-screening company’s alleged exposure of a patient information file on a peer-to-peer network, dismissing the remaining defamation per se claim over 2015 public statements describing the file as publicly available, exposed or leaked.
-
May 21, 2026
WASHINGTON, D.C. — A District of Columbia Superior Court judge denied Mark Zuckerberg’s motion to dismiss the District of Columbia’s complaint seeking to hold him personally liable for Facebook’s alleged privacy misrepresentations and omissions concerning third-party application access to user data and Cambridge Analytica’s misuse of that data, rejecting his arguments that the standalone action is barred by claim-splitting and collateral estoppel and that the court lacks personal jurisdiction over him.
-
May 20, 2026
LINCOLN, Neb.— A federal judge in Nebraska approved a $4 million class action settlement arising from a 2024 data breach that compromised the private information of current and former patients of a healthcare advisory firm’s clients, holding that class certification is appropriate, the settlement is fair, reasonable and adequate and the plaintiffs’ requested $1,333,333 in attorney fees and $2,500 service award for each class representative are both reasonable.
-
May 20, 2026
SAN FRANCISCO — A California federal judge allowed claims to proceed against Meta Platforms Inc., which operates Facebook and Instagram, and Google LLC, which develops the Android mobile operating system, in consolidated putative class action litigation alleging that Meta exploited Android operating system vulnerabilities to deanonymize users’ web-browsing activity through the Meta Pixel and Facebook and Instagram apps but dismissed with leave to amend claims based on alleged “‘pen-register use,’” unjust enrichment and Google’s alleged privacy and security misrepresentations.
-
May 19, 2026
SAN FRANCISCO — A California federal judge dismissed two claims brought under the California Invasion of Privacy Act (CIPA) of a putative amended class action complaint alleging that the parent companies of Burger King transmitted website users’ data to third parties for advertising purposes despite cookie opt-outs, finding that the plaintiff failed to plead reasonable and good faith conduct supporting equitable tolling of the one-year limitations period.
-
May 18, 2026
CHICAGO — The Seventh Circuit U.S. Court of Appeals on May 15 affirmed a lower court’s dismissal of a suit against Meta Platforms Inc. and multiple parties filed by a man who said he was defamed by posts made about him in the Are We Dating the Same Guy? Facebook group, finding in part that the claim for violation of the Illinois Right of Publicity Act (IRPA) fails because the man did not allege that his likeness was used for a commercial purpose.
-
May 15, 2026
OAKLAND, Calif. — A California federal judge denied a motion for reconsideration filed by users of Dropbox Inc. seeking to revisit an order compelling arbitration in a putative class action over an alleged Dropbox data breach, finding that a user agreement prompt satisfied the online contract-formation test because a “reasonably prudent internet user” would understand that clicking “‘I agree’” assents to both the document being signed and Dropbox’s terms of service.
-
May 14, 2026
PHILADELPHIA — A Third Circuit U.S. Court of Appeals panel affirmed a Delaware federal judge’s dismissal of a biometric privacy putative class action that alleged that Illinois callers’ voiceprints were unlawfully collected, holding that a Georgia-based voice-authentication vendor was exempt under a financial-institution exemption in the Illinois Biometric Information Privacy Act (BIPA) and that claims against Amazon Web Services Inc. (AWS) failed because the alleged conduct did not occur in Illinois.
-
May 13, 2026
LOS ANGELES — A California federal judge partly dismissed a website-tracking suit brought by a self-described privacy “tester,” dismissing a Federal Wiretap Act claim with leave to amend because the website operator was a party to the alleged website communications and the complaint did not plead an independent criminal or tortious purpose but preserving a “trap and trace” claim brought under the California Invasion of Privacy Act (CIPA) and an intrusion upon seclusion claim.