Photo of Amy Heath

Amy Heath

Amy Heath is a class action and commercial litigator. She has significant experience with matters involving privacy, contract, consumer protection, fraud, unfair competition, antitrust, and intellectual property claims for clients in the technology, financial services, and consumer products sectors, among others. Before joining the firm, Amy clerked for the Honorable Michelle T. Friedland of the United States Court of Appeals for the Ninth Circuit and the Honorable Lucy H. Koh, then of the United States District Court for the Northern District of California. Amy maintains an active pro bono practice that focuses on direct services for individual clients.

Before practicing law, Amy served as an intelligence analyst.

The Ninth Circuit recently held that the Children’s Online Privacy Protection Act, which gives the Federal Trade Commission  authority to regulate the online collection of personal information from children under the age of 13, does not preempt consistent state law, potentially increasing the risk of class action litigation based on

Continue Reading Ninth Circuit Holds COPPA Does Not Preempt Consistent State Law Claims Premised on COPPA Violations

In a new post on the Inside Class Actions blog, our colleagues discuss a recent Fourth Circuit opinion holding that statements about the importance a company places on data security are not actionable following a data breach.  The case, In re Marriott International, Inc., — F.4th —-, No.
Continue Reading Fourth Circuit Holds Statements About Importance of Data Security Not Actionable

On Thursday, the Illinois Supreme Court unanimously ruled in McDonald v. Symphony Bronzeville Park LLC that the exclusivity provisions of the state’s workers’ compensation statute do not preclude liquidated damages claims under the Biometric Information Privacy Act.  The decision narrows the defenses available to employers facing employment-related BIPA claims.

Illinois’s Workers’ Compensation Act generally provides the exclusive means by which an employee can recover against an employer for a work-related injury and requires such claims to be adjudicated before the Illinois Workers’ Compensation Commission, subject to several exceptions.  One of those exceptions is for injuries that are not compensable under the Workers’ Compensation Act.  At issue in McDonald was whether an alleged employment-based BIPA violation—here, the alleged use of a fingerprint-based timekeeping system without the required disclosures or consent—was the type of injury covered by the Workers’ Compensation Act.
Continue Reading Illinois Supreme Court Rules Workers’ Compensation Act Does Not Bar BIPA Liquidated Damages Claims

Last week, in a decision that confirms the viability of cy pres settlements in privacy class action cases, the Ninth Circuit affirmed approval of a class action injunctive relief and cy pres-only settlement in In re Google Inc. Street View Electronic Communications Litigation, No. 20-15616, 2021 WL 6111383.  The case featured Wiretap Act claims based on Google Street View vehicles’ collection of “payload data,” including emails, passwords, and documents that Internet users transmitted over unencrypted Wi-Fi networks.
Continue Reading Ninth Circuit Affirms Approval of Injunctive Relief and Cy Pres Settlement of Google Street View Privacy Claims

Last year, Apple’s iOS14 incorporated a new feature notifying users when an app copied from the iPhone’s clipboard.  The feature resulted in media scrutiny for a number of well-known apps, some of which faced putative class action lawsuits as a result.  A court in the Eastern District of California recently dismissed one such suit, Mastel v. Miniclip SA, No. 2:21-cv-00124 (E.D. Cal.).  In that decision, the court rejected a broad interpretation of telephone “instrument” under the California Invasion of Privacy Act (“CIPA”), concluding that non-telephonic smartphone functionality does not constitute a telephone instrument.
Continue Reading California Federal Court Adopts Narrow Reading of Telephone “Instrument” Under the California Invasion of Privacy Act