Written by Amy Malone Earlier this month, we reported on the privacy case against craft giant Michaels Stores (see our blog post here, as well as our client alert here) in which the plaintiff alleged that Michaels illegally collected zip codes during credit card transactions. The case was ultimately dismissed by the federal district court,… Continue Reading
Category Archives: Privacy Litigation
Subscribe to Privacy Litigation RSS FeedHannaford Data Breach Class Action Certification: Denied
Posted in Class Action Litigation, Data Breach, Privacy LitigationWritten by Kevin McGinty Damages issues continue to bedevil would-be data breach class action plaintiffs. A long and growing line of cases holds that consumers cannot maintain claims arising from theft of their personal or financial data without alleging that the theft resulted in financial injury. One notable exception to this trend was the First… Continue Reading
Google: Better to Seek Forgiveness Than Permission?
Posted in Class Action Litigation, Privacy LitigationWritten by Amy Malone For years, Google has been blazing trails in the technology world and along the way they have been caught in a few snares. The latest entanglement wrapped up this week as the company settled a two-year investigation led by an executive committee that represents 38 states and the District of Columbia… Continue Reading
Zip Code as Personal Information: The Massachusetts Round 2
Posted in Class Action Litigation, Data Compliance & Security, Privacy LitigationYesterday, the Massachusetts Supreme Judicial Court (“SJC”) ruled that zip codes constitute “personal identification information” under G.L. c. 93. The question of law came to the SJC from the U.S. District Court for Massachusetts stemming from Tyler vs. Michaels Store, Inc, which was dismissed in January. This ruling echoes California’s 2011 decision that the Song-Beverly… Continue Reading
Activity at the Federal Trade Commission
Posted in Federal Trade Commission, Privacy Litigation, Privacy RegulationWritten by Amy Malone There is much going on at the Federal Trade Commission (FTC) these days, particularly in the privacy arena. In addition to the settlements discussed below, today the White House confirmed that President Obama will nominate Edith Ramirez as Chair of the FTC, replacing outgoing Chairman Jon Leibowitz. Path Settlement: Path, a… Continue Reading
#3 in our 2013 Issues Series: Privacy of Mobile Applications
Posted in Data Compliance & Security, Privacy Litigation, Privacy RegulationAs we continue our “new year, new look” series into important privacy issues for 2013, we boldly predict: Regulatory Scrutiny of Data Collection and Use Practices of Mobile Apps Will Increase in 2013 Mobile apps are becoming a ubiquitous part of the everyday technology experience. But, consumer apprehension over data collection and their personal privacy… Continue Reading
“Fly Delta” May Get Grounded by California Attorney General
Posted in Class Action Litigation, Privacy Litigation, Privacy RegulationWritten by Evan Nadel and Jake Romero Delta Airlines, Inc. may have to pay fines equal to 20 “excess bag” fees for each user that has downloaded its “Fly Delta” mobile application. California Attorney General Kamala Harris has filed a complaint against Delta, alleging that Delta has failed to conspicuously post a privacy policy on… Continue Reading
The Tale of Two Banks: Final Settlement in Maine Bank Security Practices Case and a Failure of Bank Security Procedures in Florida
Posted in Identity Theft, Privacy LitigationIn a case that we have written about here and here, People’s United Bank of Maine has agreed to pay about $ 390,000 to settle a claim that its security practices allowed unauthorized persons to withdraw funds from a construction company’s account (Patco Construction Co. v. People’s United Bank, D. Me., No. 09-503, agreed dismissal filed 11/19/12)…. Continue Reading
The FTC Fires Back Against Wyndham
Posted in Data Breach, Data Breach Notification, Federal Trade Commission, Privacy Litigation, Privacy RegulationWritten by Adam Veness The Federal Trade Commission (the “FTC”) has filed its response to the Wyndham Hotel & Resorts LLC’s (“Wyndham”) Motion to Dismiss. More information about Wyndham’s Motion can be seen in an earlier blog post here. In its response, the FTC rebuts Wyndham’s Motion and argues three main points: 1) the FTC… Continue Reading
Checked your insurance policies lately?
Posted in Data Breach, Privacy LitigationWritten by Nancy Adams In a ruling that might provide a new path to data breach insurance coverage, DSW Shoe Warehouse, Inc. has prevailed in its attempt to obtain insurance coverage for losses associated with a data breach under a commercial crime policy. The Sixth Circuit Court Appeals, in Retail Ventures, Inc. et al. v…. Continue Reading
FTC Sues Wyndham Hotels
Posted in Data Breach, Federal Trade Commission, Privacy LitigationWritten by Amy Malone The Federal Trade Commission (FTC) has announced that it has filed suit in U.S. District Court in Phoenix against Wyndham Worldwide Corporation and three of its subsidiaries. The lawsuit cites “alleged data security failures that led to three data breaches at Wyndham hotels in less than two years.” The breaches in question… Continue Reading
FTC v. Myspace Part II — The Takeaways
Posted in Data Compliance & Security, Federal Trade Commission, Online Advertising, Privacy Litigation, Privacy RegulationThe FTC has again provided us with a road map to compliance through the Myspace consent order. Here are the takeaways that should concern every company with an online presence. Keeping the FTC Out of Your Space — The Takeaways Much can be learned from how the FTC has evaluated the adequacy of Myspace’s privacy policy… Continue Reading
Does an employer invade an employee’s privacy by accessing and reviewing the employee’s email?
Posted in Employee Privacy, Privacy LitigationA recent Massachusetts Superior Court decision, Falmouth Firefighters Union v. Town of Falmouth, answers “no.” Our colleagues over at the Mintz Levin Employment Matters blog have posted an analysis of this interesting decision and the takeaways for employers — particularly Massachusetts employers. Read more here.
Supreme Court Holds that Warrantless “Trespass” in Placement of GPS Device on Vehicle Constitutes an Unreasonable Search Violative of the Fourth Amendment
Posted in Privacy Litigation, US Supreme CourtWritten by Paul E. Pelletier The Chinese Year of the Dragon started with a bang as the Supreme Court issued a much anticipated ruling in this Fourth Amendment case that was neither brave nor innovative. In United States v. Antoine Jones the Court chose to affirm the district and circuit courts’ Fourth Amendment ruling on… Continue Reading
First Circuit Finds that Fraud Mitigation Costs Can Constitute Cognizable Damages, Reinstates Some Previously Dismissed Claims in Hannaford Data Breach Litigation
Posted in Data Breach Notification, Privacy Litigation Written by Kevin McGinty In yet another privacy class action addressing the question of whether data breach claimants have suffered legally cognizable damages, the First Circuit’s ruling in Anderson v. Hannaford Bros. Co., Nos. 10-2384, 10-2450 (1st Cir. Oct. 20, 2011), reversed the trial court’s dismissal of negligence and implied contract claims arising from… Continue Reading
SEC Guidance to Public Companies: Evaluate and Disclose Cybersecurity Risks
Posted in Class Action Litigation, Data Breach, Data Compliance & Security, Privacy LitigationThe Securities and Exchange Commission (SEC) has issued guidance to public companies with respect to disclosure relating to cybersecurity and data breach risks. This release is from the Commission’s Division of Corporation Finance and is not a rule or regulation — but it is clear that public companies that ignore the advice in the Disclosure… Continue Reading
Court: Protections of Electronic Communications Privacy Act Extend to Non-US Citizens
Posted in Privacy LitigationWritten by Julia Siripurapu In an important ruling for Internet service providers, the U.S. Court of Appeals for the Ninth Circuit has unanimously affirmed the ruling of a district court that the provisions of the Electronic Communications Privacy Act of 1986 (ECPA) prohibiting internet service providers from disclosing the contents of stored communications protect the U.S.-stored… Continue Reading
Privacy Class Actions – It’s Still About the Damages
Posted in Class Action Litigation, Online Advertising, Privacy LitigationWritten by Kevin McGinty In a mixed decision, a federal court judge in New York dismissed federal statutory claims arising from Web-based advertisers’ use of cookies that tracked users’ Web browsing activities, but denied a motion to dismiss claims under state law. The plaintiff in Bose v. Interclick alleged that Interclick and clients McDonalds, CBS, Mazda… Continue Reading
