Archives: Litigation

Subscribe to Litigation RSS Feed

Court Certifies Nationwide Class in Yahoo Email Scanning Litigation

Last Tuesday, District Judge Lucy Koh of the Northern District of California partially granted the plaintiffs’ motion for class certification in In re Yahoo Mail Litig., allowing the plaintiffs to pursue their claims for injunctive relief on behalf of class members under the Stored Communications Act (“SCA”) and California’s Invasion of Privacy Act (“CIPA”).  The plaintiffs, … Continue Reading

Supreme Court to Consider Whether Actual Harm is Required to Recover Under the Fair Credit Reporting Act

On Monday, the U.S. Supreme Court granted certiorari and agreed to consider Robins v. Spokeo, Inc., in which the U.S. Court of Appeals for the Ninth Circuit held that Thomas Robins had adequately alleged Article III standing to sue website operator Spokeo, Inc. (“Spokeo”) under the Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681 … Continue Reading

Solicitor General Urges Supreme Court To Leave Spokeo Ruling In Place

In the closely-watched case of Spokeo, Inc. v Robins, the Solicitor General recently filed an amicus brief urging the Court to deny certiorari and leave in place the 9th Circuit’s holding, which could encourage the rising tide of privacy class action litigation.  The Solicitor General’s brief—coauthored by the Consumer Financial Protection Bureau—argued that the dissemination … Continue Reading

D.C. Circuit Hears Oral Arguments in Urban Outfitters ZIP Code Lawsuit

Last week, the D.C. Circuit heard oral argument in the lawsuit filed against Urban Outfitters and Anthropologie over their collection of customer ZIP codes at the point of sale.  The plaintiffs alleged that the practice of requesting ZIP codes at the point of sale during credit card transactions violated two D.C. statutes, the Consumer Protection … Continue Reading

FTC and Wyndham to Mediate Dispute Over FTC Data-Security Authority

Earlier this week, U.S. District Court Judge Esther Salas directed the Federal Trade Commission (“FTC”) and Wyndham Hotels and Resorts to seek mediation to resolve their landmark dispute over whether the FTC has the authority to regulate companies’ data-security practices.  As we’ve previously reported, the FTC alleged that Wyndham violated Section 5 of the FTC … Continue Reading

Another Court Finds That an Automated SMS Platform is Not an ATDS

By Ani Gevorkian Last week, the U.S. District Court for the Southern District of California issued an opinion regarding the definition of  an “Automatic Telephone Dialing System” (“ATDS”) under the Telephone Consumer Protection Act (“TCPA”).  The opinion follows a small but growing number of cases holding that courts have their own ability to interpret the … Continue Reading

Forever 21 Faces Point-of-Sale Data Collection Class Action Lawsuit

Fast fashion retailer Forever 21 Retail Inc. faces a putative class action lawsuit alleging that the retailer violated California law by requesting and recording shoppers’ credit card numbers and personal identification information at the point-of-sale. Forever 21 shopper Tamar Estanboulian filed the lawsuit on September 7 in U.S. District Court for the Central District of … Continue Reading

Court Grants in Part and Denies in Part Yahoo’s Motion to Dismiss ECPA Claims

On Tuesday, August 12, 2014, the Northern District of California’s Judge Lucy Koh issued an order granting in part and denying in part Yahoo’s motion to dismiss claims that it violated federal and California anti-wiretapping laws. The putative class action, In re Yahoo Mail Litig., alleges that Yahoo’s practice of intercepting, scanning, analyzing, collecting, and … Continue Reading

Court Dismisses CFAA, ECPA, and Other Claims in Privacy Class Action Opperman v. Path

On May 14, a judge in the Northern District of California granted in part and dismissed in part four motions to dismiss filed by defendants in the consolidated class action, Opperman v. Path (No. 3:13-CV-00453-JST). The plaintiffs alleged that apps offered by a number of developers (“App Defendants”) accessed and uploaded information from plaintiffs’ mobile … Continue Reading

Ninth Circuit Holds Facebook IDs and URLS Not “Content” under ECPA

Last Thursday, the United States Court of Appeals for the Ninth Circuit affirmed dismissal of claims for violations of the Electronic Communications Privacy Act (“ECPA”), holding that the plaintiffs had failed to allege Facebook and Zynga disclosed the “contents” of a communication, a necessary element under the Act. The court’s ruling applies to the consolidated … Continue Reading

Breaking Down the Court’s Decision in FTC v. Wyndham Worldwide Corp.

Last week, a federal judge in the District of New Jersey denied Wyndham Hotels and Resorts’ motion to dismiss the FTC’s complaint alleging Wyndham violated the FTC Act by failing to provide reasonable security for its customers’ personal information.  This Covington E-Alert provides a detailed look at the parties’ arguments and the court’s holdings in … Continue Reading

Judge Denies Wyndham’s Motion to Dismiss, Allowing FTC’s Case to Proceed

Earlier today, in a long-awaited decision, Judge Salas of the District of New Jersey denied Wyndham Hotels and Resorts’ motion to dismiss a Federal Trade Commission (“FTC”) lawsuit alleging Wyndham violated Section 5 of the FTC Act by failing to provide “reasonable” security for the personal information of its customers.  The case has been closely watched … Continue Reading

Appeals Court Affirms Dismissal of “Shine the Light” Suits

Last week, the U.S. Court of Appeals for the Ninth Circuit affirmed lower-court dismissals of two lawsuits under California’s “Shine the Light” law.  Shine the Light (or “STL”) requires businesses that disclose customers’ personal information to third parties for those parties’ direct marketing purposes to respond to customer requests for information about such disclosures.  The … Continue Reading

Federal Court Dismisses Data Breach Suit Alleging Only Speculative Harms

On Monday, February 12, a Southern District of Ohio district court dismissed two proposed class actions relating to an October 2012 Nationwide Mutual Insurance Co. data breach. Galaria v. Nationwide Mutual Ins. Co., No. 2:13-cv-118 (S.D. Ohio Feb. 10, 2014); Hancox v. Nationwide Mutual Ins. Co., No. 2:13-cv-257 (S.D. Ohio Feb. 10, 2014). The court … Continue Reading

Justice Department Allows More Transparency on Government Demands for Customer Information in National Security Investigations

By Jim Garland, David Fagan, and Alex Berengaut On January 27, 2014, the Attorney General and Director of National Intelligence announced that the U.S. government will allow Internet companies and telecommunications providers to disclose more information about government demands for customer data in national security investigations.  The government’s new transparency policy addresses legal demands served … Continue Reading

Judge Reduces Punitive Damages Against Equifax in FCRA Suit

A federal judge on Wednesday reduced a jury’s punitive damages award against Equifax from more than $18 million to $1.62 million, after finding that the jury’s award was unconstitutionally excessive despite Equifax’s “reprehensible” conduct in violating the Fair Credit Reporting Act. Plaintiff Julie Miller sued Equifax under FCRA for failing to correct mistakes in the … Continue Reading

California AG Sues Company for Slow Breach Response, “Public” Display of Social Security Numbers

California Attorney General Kamala Harris has sued the Kaiser Foundation Health Plan for failing to promptly notify employees about a 2011 data breach.  California’s breach notice law requires breaches of personal information to be disclosed “in the most expedient time possible and without unreasonable delay.” Harris alleges that Kaiser violated this requirement after taking too … Continue Reading

Court Strikes Net Neutrality Rules, Leaves Path for Other Broadband Regulations

A federal appeals court struck down key parts of the Federal Communications Commission’s Open Internet Order in a Jan. 14 decision, ruling that the FCC’s “net neutrality” rules improperly regulate broadband providers like “common carriers” — such as providers of traditional telephone service — even though the FCC has classified broadband providers as not subject … Continue Reading

Senators Call for Hearing on Data Security in Wake of Target Data Breach

A number of investigations and inquiries, including a call for a hearing in Congress on December 30, 2013, have been sparked by the announcement by Target Corp. that a massive security breach of approximately 40 million of its customers’ credit and debit card accounts used at brick-and-mortar Target stores occurred between November 27 and extending through … Continue Reading

Court Tosses Claims Against Google and Others Based on Safari Hack

By Katherine Gasztonyi Last week, Judge Robinson of the District of Delaware dismissed a multi-district lawsuit claiming that Google, Vibrant Media, Media Innovation Group, and WPP violated federal privacy and computer security laws by allegedly circumventing browser privacy settings in order to track users online. This lawsuit stems from a February 17, 2012, Wall Street … Continue Reading

Court Denies Google’s Motion to Dismiss Gmail Wiretap Claims

In a decision issued last week that is being described by some as a “landmark,” Judge Koh of the Northern District of California denied a motion to dismiss a complaint filed against Google alleging that its Gmail service unlawfully intercepts the contents of emails sent by and to Gmail users.  The case involves Google’s longstanding … Continue Reading

HHS to Issue Guidance on HIPAA Marketing Restrictions

In a court filing on September 11, 2013, attorneys for the U.S. Department of Health and Human Services (HHS) announced that HHS intends to issue further guidance on certain new marketing restrictions under HIPAA, finalized last January as part of the final HITECH omnibus rule, and to delay enforcement of those new marketing restrictions until … Continue Reading

Federal Court Finds Stored Communications Act Applies to Facebook Wall Posts

A New Jersey federal court recently held that an employee’s Facebook wall posts were protected by the Stored Communications Act (“SCA”), 18 U.S.C. § 2701 et seq., in one of the first cases to analyze the SCA’s application to the Facebook wall.  Ehling v. Monmouth-Ocean Hospital Service Corp.., No. 2:11-cv-3305 (WMJ) (D.N.J. Aug. 20, 2013).  An … Continue Reading
LexBlog