Mealey's Data Privacy
-
July 30, 2025
Privacy Claims Against Meta, Google Over Prescription Website May Proceed
SAN FRANCISCO — Consolidated claims that Google LLC and Meta Platforms Inc. intercepted and used the protected health information (PHI) of users of a health services website mostly survived a dismissal motion, with a California federal judge finding that the plaintiffs sufficiently alleged claims for invasion of privacy, unfair competition and unjust enrichment, among other things.
-
July 31, 2025
Women’s Dating Advice App ‘Ignored’ Data Security Before Hack, Plaintiffs Say
SAN FRANCISCO — Two women filed separate putative class action lawsuits in California federal court against the developer of the Tea app, where women post anonymously about dating men, accusing it of negligence and violation of California’s unfair competition law (UCL) after its database of users’ identity-verification photos and drivers’ license pictures was hacked and posted online.
-
July 31, 2025
After 23andMe’s Bankruptcy Sale, States Drop Suit Over Genetic Data Ownership
ST. LOUIS — One month after a Missouri federal bankruptcy judge approved the sale of the financially troubled 23andMe Inc. to a new company formed by one of the genetic testing company’s founders, a group of states on July 30 voluntarily dismissed their adversary proceeding in which they objected to the sale and the unilateral transfer of customers’ genetic data and personally identifiable information (PII).
-
July 30, 2025
Biometrics Claim Over Eufy Security Products Sufficiently Pleaded, Judge Rules
CHICAGO — A year and a half after she partly dismissed a claim against the manufacturer of “eufy” security cameras under Illinois’ Biometric Information Privacy Act (BIPA), an Illinois federal judge denied the defendant’s attempt to fully dispose of the claim, finding that the plaintiffs adequately alleged that the purported misuse of their biometric identifiers occurred in Illinois.
-
July 30, 2025
Driver AI Surveillance Data Collection Class Suit Settled With Lytx For $4.25M
EAST ST. LOUIS, Ill. — A $4.25 million class settlement between a class of drivers and a technology company was granted final approval by a federal judge in Illinois ending a lawsuit that accused a transportation company and a machine vision and artificial technology company of collecting and holding truck drivers’ biometric data when scanning their faces via a camera that employs artificial intelligence to monitor drivers in violation of the Illinois Biometric Information Privacy Act (BIPA); the transportation company previously paid a settlement of $56,800 for the benefit of 71 settlement class members.
-
July 30, 2025
Truck Drivers’ BIPA Claims Over In-Cab Cameras Partly Remanded
CHICAGO — Two truckers’ claims against their former employer under the Illinois Biometric Information Privacy Act (BIPA) were partly remanded for lack of jurisdiction under Article III of the U.S. Constitution, with an Illinois federal judge retaining jurisdiction over part of the claims while denying the trucking company’s motion to dismiss.
-
July 28, 2025
7 Suits Over University’s Data Breach Consolidated In Tennessee Federal Court
CHATTANOOGA, Tenn. — Seven separately filed putative class actions against a college that was hit by a data breach were consolidated by a Tennessee federal judge who granted the plaintiffs’ motion to that end, with the judge holding that maintaining separate suits “would pose unnecessary cost and delay,” while consolidation “will help ensure consistent and efficient adjudications.”
-
July 28, 2025
Judge Trims Claims In Suit Over Mortgage Company’s Ransomware Incident
DALLAS — A consolidated putative class action over a 2023 data breach and ransomware attack experienced by Mr. Cooper Group Inc. will proceed with fewer claims after a Texas federal judge partly granted the firm’s motion to dismiss, disposing of contractual and privacy claims.
-
July 23, 2025
VPPA Suit Against Stock Video Site Dismissed For Failure To State A Claim
NEW YORK — Although two plaintiffs alleged that a video-viewing website shared their viewing information with Meta Platforms Inc. via its pixel tracking tool, a New York federal judge found that they did not establish that the website shared any personal information that would permit an “ordinary person” to identify them from this viewing data, granting the site operator’s motion to dismiss for failure to state a claim.
-
July 23, 2025
Privacy Suit Against Data Broker Mostly Survives Dismissal Motion
OAKLAND, Calif. — A putative class action suit accusing a data broker of compiling a massive database including details on nearly every adult in the United States will largely proceed, with a California judge granting the broker’s dismissal motion only related to a claim for declaratory judgment, which he found did not qualify as a stand-alone claim.
-
July 22, 2025
State, Federal Suits Over Health Care Firm’s Data Breach Settle For $6.5 Million
ST. LOUIS — A Missouri state court judge granted final approval to an agreement that settles lawsuits against a health management services firm from two state courts and a federal court with a settlement fund of $6.5 million and attorney fees of $2 million.
-
July 22, 2025
Judge Approves Injunctive Relief-Only Settlement Of CareFirst Data Breach Suit
WASHINGTON, D.C. — A District of Columbia federal judge granted final approval to a settlement that resolved the lone remaining claim against CareFirst Inc. in a decade-old class action over a 2014 data breach, deeming the agreement, which provides only injunctive relief for the consolidated class, “fair, reasonable, and adequate.”
-
July 22, 2025
Doctor Insured: Hidden Cameras Constitute Physical Alteration, Loss Of Use
NEW YORK — A doctor argues to the Second Circuit U.S. Court of Appeals that a lower federal court erred in dismissing her breach of contract lawsuit seeking business interruption and umbrella coverage for her losses arising from discovery of hidden cameras at her dermatology office, asserting that the hidden cameras constituted a physical alteration and loss of use and satisfied her insurance policy’s direct physical loss or damage requirement.
-
July 21, 2025
Judge Dismisses Privacy Suits By FBI Agents Who Worked On Trump Cases
WASHINGTON, D.C. — Federal Bureau of Investigation agents and a nonprofit organization who in two complaints seek to stop the publication or dissemination of a list allegedly being compiled of FBI employees who were involved in investigating two events involving President Donald J. Trump have made claims that “are too speculative,” a federal judge in the District of Columbia ruled, granting a motion to dismiss filed by the U.S. Department of Justice (DOJ) and the United States.
-
July 18, 2025
On Day 2 Of Meta Trial, Zuckerberg, Officers, Directors Settle With Shareholders
WILMINGTON, Del. — On the second day of a trial in Delaware state court over shareholders’ claims of fiduciary breaches by the officers and directors of Meta Platforms Inc. (formerly Facebook Inc.) centering on the company’s high profile consumer privacy issues, the shareholders on July 17 filed a notice informing the court that the parties had settled the almost 15-year-old lawsuit.
-
July 18, 2025
Lawsuit Over Database Site’s Use Of Photos, Personal Info May Proceed, Judge Rules
SEATTLE — Two days after he denied a motion to compel arbitration by the operator of an online professional services database, a Washington federal judge also denied the company’s motions to dismiss and to strike class allegations, allowing putative class publicity rights claims to continue.
-
July 17, 2025
Dismissal Denied In Antitrust, Hacking Lawsuits Over Car Dealership Software
SAN FRANCISCO — A California federal judge issued rulings largely denying motions to dismiss in two lawsuits filed against each other by competitors in the auto dealership management system (DMS) market, which have accused each other of hacking proprietary data and antitrust violations blocking access to the market in violation of California’s unfair competition law (UCL) and antitrust law.
-
July 16, 2025
9th Circuit Affirms Dismissal Of Suit Against Microsoft, Says Microsoft Owns Data
SAN FRANCISCO — The Ninth Circuit U.S. Court of Appeals on July 15 affirmed a lower court’s order dismissing with prejudice a breach of contract suit filed by an internet security company against Microsoft Corp. alleging that Microsoft used the company’s services outside the scope of the contract to recover compromised account credential data, finding that the company’s allegations fail to show that Microsoft had a duty to limit its use of the data provided.
-
July 16, 2025
Stay Extended In Geisinger Data Breach Suit As Parties Finalize Settlement
WILLIAMSPORT, Pa. — Granting a joint motion to extend an existing stay in a consolidated, putative class action against a health care provider and its tech services vendor after a 2023 data breach, a Pennsylvania federal judge gave the parties 60 days to prepare a motion for preliminary approval of their recently announced settlement.
-
July 16, 2025
9th Circuit Affirms Dismissal Of California Wiretap Claims Over Converse Chat App
PASADENA, Calif. — A partly divided Ninth Circuit U.S. Court of Appeals panel agreed with a trial court’s dismissal of claims under the California Invasion of Privacy Act (CIPA) against Converse Inc., finding no evidence that the company wiretapped a plaintiff’s message to the company that was sent via a website chat app.
-
July 15, 2025
While Meta Seeks Mandamus Over Zuckerberg Deposition, Plaintiffs Move To Enforce
SAN FRANCISCO — Three days after Meta Platforms Inc. filed a petition for mandamus with the Ninth Circuit U.S. Court of Appeals, contending that the “apex doctrine” precludes a trial court’s order for the deposition of Chief Executive Officer Mark Zuckerberg, the plaintiffs alleging privacy violations from Meta’s purported gathering of their personal health information (PHI) from hospital websites asked the lower court to enforce the deposition order.
-
July 15, 2025
School District Asks High Court To Resolve Conflicting FERPA Interpretations
WASHINGTON, D.C. — Asserting that the congressional intent behind the Family Education Rights and Privacy Act of 1974 (FERPA) was to prevent the disclosure of student materials without the consent of students or parents, a school district filed a petition for certiorari, asking the U.S. Supreme Court to clear up conflicting court interpretations over enforcement of the statute alongside state public records acts (PRAs) and to find that it properly withheld surveillance videos sought in connection with bullying complaints.
-
July 14, 2025
Per Confidential Agreement In Blackbaud Data Breach MDL, Settlement Fund Approved
COLUMBIA, S.C. — In accord with a joint request by Blackbaud Inc. and the plaintiffs who sued it in a multidistrict litigation after a 2020 data breach, a South Carolina federal judge approved and established a qualified settlement fund (QSF) to be used in a confidential settlement of all claims against the cloud services company.
-
July 11, 2025
Google Settles Menstrual App Privacy Claims, Is Granted Stay From Pending Trial
SAN FRANCISCO — Two weeks before the scheduled start of a trial over privacy class claims related to an ovulation-tracking app, a California federal judge granted a motion to stay the case against one of the defendants — Google LLC — in light of its reported settlement in principle with the consolidated plaintiffs.
-
July 11, 2025
Debt Collector To Supreme Court: A Letter Is Not An Intrusion Upon Seclusion
WASHINGTON, D.C. — A debt collection firm filed a petition for certiorari, asking the U.S. Supreme Court to find that a single letter errantly sent to a debtor, rather than his attorney, is not comparable to the tort of intrusion upon seclusion and, thus, does not constitute a concrete injury sufficient to establish jurisdiction for a claim under The Fair Debt Collection Practices Act (FDCPA).