Header graphic for print
Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Privacy Litigation

Subscribe to Privacy Litigation RSS Feed

Banks’ Class Certification Motion Trumpets Target Data Security Failings, Ignores Impact of Card Association Settlements

Posted in Class Action Litigation, Data Breach, Privacy Litigation

Card-issuing banks are forging ahead with their lawsuit against Target arising from the 2013 holiday shopping season data breach.  Their July 1 motion for class certification has just been unsealed, allowing a glimpse at plaintiffs’ version of the events during November and December 2013 that resulted in theft of payment card data for 40 million Target… Continue Reading

Privacy Monday – August 24, 2015 – Breaking News: FTC vs. Wyndham Update

Posted in Cybersecurity, Data Breach, Federal Trade Commission, Privacy Litigation, Privacy Monday

Rather than our usual Privacy Monday “bits and bytes,” we have a breaking story relating to the ongoing Wyndham/FTC saga. Today, Wyndham Worldwide Corp. lost a critical round in the Third Circuit.   Anticipated since April, 2014, the three-judge panel upheld U.S. District Judge Esther Salas’ ruling that the Federal Trade Commission (FTC) has the authority… Continue Reading

Breaking News: Target to Settle Data Breach Claims of Visa Card Issuers for $67 Million

Posted in Class Action Litigation, Data Breach, Privacy Litigation

Target has announced that it has entered into a settlement with Visa to resolve claims of issuers of Visa credit and debit cards arising from Target’s November 2013 data breach.  The proposed settlement will pay issuers of Visa payment cards up to $67 million to reimburse losses associated with the theft of card numbers from… Continue Reading

Neiman Marcus Chides Seventh Circuit Panel

Posted in Class Action Litigation, Data Breach, Privacy Litigation

Neiman Marcus Petition Claims that Seventh Circuit Decision Invents Harm to Find Standing to Bring Data Breach Claims Retailer Neiman Marcus has filed a petition seeking en banc review by the entire Seventh Circuit of the decision by a three-judge panel of that court in Remijas v. Neiman Marcus Group, LLC reversing dismissal of consumer data… Continue Reading

Change in the Prevailing Winds in Consumer Data Breach Cases?

Posted in Class Action Litigation, Data Breach, Privacy Litigation

Seventh Circuit Rules Consumers Have Standing to Sue in Neiman Marcus Payment Card Data Breach Case In Remijas v. Neiman Marcus Group, LLC, the Seventh Circuit reversed a district court decision dismissing consumer payment card data breach claims for lack of standing.  The appellate panel held that injuries consisting of 1) lost time and money resolving… Continue Reading

Home Depot Moves to Dismiss Bank Data Breach Claims on Standing and Ripeness Grounds

Posted in Class Action Litigation, Data Breach, Privacy Litigation

In its recently-filed motion to dismiss claims of card-issuing banks arising from the September 2014 theft of payment card data from Home Depot point of sale terminals, Home Depot employs an approach typically used to respond to consumer claims.  In payment card data breach cases, defendants typically argue that consumers lack standing to sue because card… Continue Reading

Data Breach Affects Millions of Current and Former Government Workers

Posted in Class Action Litigation, Data Breach, Data Compliance & Security, Employee Privacy, Identity Theft, Privacy Litigation, Security

The U.S. Office of Personnel Management (OPM) announced that hackers have stolen the personal information of approximately 4 million current and former federal employees, including names, birthdates and social security numbers.  OPM serves as the human resources department -and holds employee records – for the entire federal government, ranging from security clearances to the identities… Continue Reading

Home Depot Moves to Dismiss Consumer Data Breach Claims for Lack of Standing

Posted in Class Action Litigation, Data Breach, Privacy Litigation

Home Depot has staked its defense of consumer claims arising from the 2014 theft of payment card data from the home improvement retailer on the asserted absence of injuries sufficient to confer standing to sue.  Because consumers rarely sustain out-of-pocket losses when their payment card numbers are stolen, lack of standing is typically the primary… Continue Reading

Privacy Monday – June 1, 2015 – Courts Affirm Insurers’ Denial of Coverage for Electronic Data Claims  

Posted in Cybersecurity, Insurance, Privacy Litigation, Privacy Monday

Happy June – the first day of meteorological summer! In the last month, both a federal and state court denied coverage for claims relating to an insured’s handling of electronic data.  In the first case, a federal court held that there was no coverage under a cyber insurance policy for a claim alleging that the… Continue Reading

Failure to Obtain Required Retailer Approval Scuttles Target-MasterCard Data Breach Settlement

Posted in Class Action Litigation, Data Breach, Privacy Litigation

Target’s attempt to resolve claims of MasterCard-issuing banks through a $19 million private settlement with MasterCard has been terminated for failure of issuers of 90% of the affected cards to accept the settlement by the Wednesday, May 20 acceptance deadline.  Press reports on Friday, May 22 indicated that both Target and MasterCard had confirmed that… Continue Reading

CNA Denies Cyber Insurance Claim

Posted in Cybersecurity, Data Breach, Insurance, Privacy Litigation

Key takeaway:   The insurance applications and underwriting questionnaires prepared in connection with cyber insurance do matter. Cyber security, and cyber insurance, have dominated the industry headlines for several years now, but even as companies, brokers and insurers work to develop these products, there has been a dearth of case law interpreting key provisions.  This is beginning to change… Continue Reading

Breaking Down the DOJ Cybersecurity Unit’s Guidance on Responding to Cyberattacks

Posted in Cybersecurity, Data Breach, Data Compliance & Security, Privacy Litigation, Security

Another federal agency has weighed in with “guidance” on cybersecurity preparation and breach response.  The Department of Justice (DOJ) is the latest to issue guidance on how companies should respond to data breaches.   The guidance is not perfect, and in some respects is simply a recitation of existing best practices, but it is still valuable because… Continue Reading

Target and Card Issuers Dispute Use of MasterCard Settlement to Resolve Data Breach Claims

Posted in Class Action Litigation, Cybersecurity, Data Breach, Privacy Litigation

In the wake of Target’s April 15 announcement of a private $19 million settlement of the data breach claims of MasterCard-issuing banks, counsel representing the putative card issuer class in the consolidated Target data breach litigation moved to enjoin the proposed settlement, arguing that it is an improper end-run around the Minnesota federal court’s adjudication… Continue Reading

UPDATE: Target Confirms It Has Negotiated A $19 Million Data Breach Settlement With MasterCard

Posted in Class Action Litigation, Data Breach, Privacy Litigation

Target confirmed a report in the Wednesday edition of The Wall Street Journal of a settlement with MasterCard concerning claims of card-issuers arising from Target’s 2013 data breach.  The data breach, which occurred during the post-Thanksgiving holiday shopping season, compromised over 40 million credit and debit cards used to make purchases at Target stores. The… Continue Reading

Report: Target Close To $20M Data Breach Settlement With Master Card

Posted in Class Action Litigation, Data Breach, Privacy Litigation

According to a report published today in The Wall Street Journal, Target and MasterCard are close to reaching a settlement of the claims of MasterCard-issuing institutions in connection with Target’s 2013 data breach.  The settlement would reimburse the cost of reissuing debit and credit cards compromised by the breach, as well as a portion of… Continue Reading

Privacy Monday – April 6, 2015 – Play Ball! (and other privacy-related bytes)

Posted in Privacy Litigation, Privacy Monday

Not only is it Privacy Monday – it is OPENING DAY!   After this long, long winter … welcome back baseball! It’s usually an end-of-season tradition for some baseball writers and announcers, but I like to revisit it in the spring for what is ahead “in a green field, in the sun” — one of the greatest… Continue Reading

Precedent and the Price Explain Why Target and the Consumer Class Agreed to an Early Data Breach Settlement

Posted in Class Action Litigation, Data Breach, Data Breach Notification, Privacy Litigation, Uncategorized

On March 18, 2015 – just three months after denial of a motion to dismiss consumer claims arising from Target’s 2013 data breach – Target and the consumer class filed papers seeking approval of a settlement.  The proposed settlement agreement creates a  $10 million cash fund to be paid out to class members claiming actual damages arising from… Continue Reading

Target Data Breach Price Tag: $252 Million and Counting

Posted in Class Action Litigation, Cybersecurity, Data Breach, Data Breach Notification, Privacy Litigation

In a recently-released Form 8-K filing announcing fourth quarter and year-end financial results, Target Corporation reported that expenses incurred in 2014 relating to its 2013 data breach totaled over $191 million.  Those expenses were offset by $46 million in insurance proceeds, resulting in a $145 million charge against Target’s 2014 operating results.  The expenses incurred… Continue Reading

Register for our next Wednesday Webinar — February 25

Posted in Employee Privacy, Events and Webinars, HIPAA/HITECH, Identity Theft, Mobile Privacy, Privacy Litigation, Security, Social Media

Registration is open for the next installment in the Mintz Levin Privacy & Security Group Wednesday Webinar series — This webinar,  scheduled for Wednesday, February 25,  will focus on privacy in the workplace. Our workplace is everywhere these days, which makes employment and privacy compliance even more challenging. Jen Rubin and Gauri Punjabi will discuss… Continue Reading

Consumer Claims Survive Motion to Dismiss in Target Data Breach Class Action

Posted in Class Action Litigation, Data Breach, Privacy Litigation

Written by Kevin McGinty A recent ruling by Federal District Judge Paul Magnuson will permit most of the consumer claims in the Target data breach litigation to survive Target’s motion to dismiss.  This most recent ruling follows on the heels of the court’s December 2 decision partially denying Target’s motion to dismiss consolidated complaint of… Continue Reading

On the Fourth Day of Privacy, My Insurance Carrier Gave to Me…..

Posted in Cyber Risks Boardroom Series, Cybersecurity, Insurance, Privacy Litigation

gaps in my cyber liability coverage…………….. Written by Heidi Lawson and Danny Harary What can companies and insurers expect in the new year when it comes to cyber liability insurance coverage?  While we wait for some court decisions interpreting these new stand-alone cyber liability insurance policies that are being heavily pushed in the market, there… Continue Reading

On the Second Day of Privacy, Plaintiffs’ Counsel Gave to Me . . .

Posted in 12 Days of Privacy, Cybersecurity, Data Breach, Privacy Litigation

  . . . still more privacy litigation.  In 2015, we are likely to see further development of the law in data breach class actions, continuing growth in statutory privacy claims, and increased risk of privacy-related claims arising from burgeoning merger and acquisition activity. Written by Kevin McGinty and Meredith Leary “Trying to predict the future is a… Continue Reading

Privacy Monday: December 8, 2104 – The Twelve Days of Privacy 2014

Posted in 12 Days of Privacy, Cybersecurity, Data Compliance & Security, EU Data Protection Regulation, Insurance, Legislation, Mobile Privacy, Privacy Litigation, Privacy Monday, Privacy Regulation, Uncategorized

Our series last year was a reader favorite, so we decided to put our prognosticator hats on again and present:   Rather than look back at 2014, starting tomorrow, the Privacy & Security blog will count down The 12 Days of Privacy, looking ahead to what we might expect in 2015 and what we might… Continue Reading

Issuer Banks’ Claims in Target Data Breach Litigation Survive Motion to Dismiss

Posted in Class Action Litigation, Data Breach, Privacy Litigation

Written by Kevin Mc Ginty Federal District Judge Paul Magnuson has ruled that banks that issued credit and debit cards to customers whose data was stolen in the December 2013 Target data breach could continue to litigate claims against Target for negligence and violation of Minnesota’s Plastic Security Card Act (“MPCSA”), Minn. Stat. § 325E.64.  The… Continue Reading