Photo of Amy Doolittle

Amy Doolittle

Contact:Read more about Amy Doolittle

On January 24, 2025, the Supreme Court granted certiorari in Lab. Corp. of Am. Holdings v. Davis, Case No. 24-304, on the question of “[w]hether a federal court may certify a class action pursuant to Federal Rule of Civil Procedure 23(b)(3) when some members of the proposed class lack any Article III injury.” In TransUnion LLC v. Ramirez, 594 U.S. 413, 431 (2021), the Supreme Court made clear that “[e]very class member must have Article III standing in order to recover individual damages,” but the Court did not answer the question of when a class member’s standing must be established and whether a class can be certified if it contains uninjured class members.Continue Reading Supreme Court to Decide Whether Federal Courts May Certify a Class with Uninjured Class Members

On March 22, the Western District of Washington granted a motion to remand cases removed from state court in In re Fred Hutchinson Data Security Litigation, 2:23-cv-01893-JHC, 2024 WL 1240681 (W.D. Wash. March 22, 2024). In doing so, it highlighted for litigators and companies alike a lesson in the importance of understanding how courts determine citizenship when determining diversity jurisdiction under the Class Action Fairness Act (“CAFA”).Continue Reading Relying on CAFA’s Discretionary “Home-State” Exception, Federal Court Punts Data Breach Class Action Back to State Court

Earlier this fall, the Fourth Circuit vacated the district court’s class certification order in the Marriott data breach MDL because of the potential applicability of a class action waiver defense. See In re Marriott Int’l Consumer Data Security Breach Litig., 78 F.4th 677 (4th Cir. 2023). Our post on this decision can be found here. On remand, the district court took little time to conclude that Marriott had waived the class action waiver in the Choice of Law and Venue provision of the putative class members’ contracts and that regardless “the adhesive provision, buried on the last page of the Terms cannot direct this Court to ignore the provisions of Rule 23 of the Federal Rules of Civil Procedure.”  In re Marriott Int’l Consumer Data Security Breach Litig., 2023 WL 8247865 (D. Md. Nov. 29, 2023). The district court thus reinstated the classes as earlier certified.Continue Reading District Court Quickly Reinstates Class Certification in Marriott Data Breach Litigation

Data breaches are an all-too-familiar issue, affecting businesses of all sizes and across all industries. Beyond dealing with the operational and reputational impacts and other resulting fallouts of a data breach, businesses also face enhanced class action litigation risk.

A recent high-profile case serves as a valuable reminder that companies should consider reliance upon a well-established mechanism of mitigating class action litigation risk. In In re Marriott International, Inc., Consumer Data Security Breach Litig., 78 F.4th 677 (4th Cir. 2023), the Fourth Circuit Court of Appeals reversed the district court’s certification order in a data breach class action dispute due to the effect of a class action waiver signed by all putative class members. The Marriott decision demonstrates how class action waivers can be utilized as a core strategy for mitigating heightened data breach litigation risks.Continue Reading Recent Marriott Data Breach Class Action Decision Underscores the Importance of Class Action Waivers

2021 has been a monumental year in many ways, and consumer financial privacy litigation and enforcement was no exception.  In the executive branch, the Biden Administration focused on strengthening individual privacy protections and limiting the disclosure of sensitive data.  Meanwhile, the Supreme Court’s decision in TransUnion LLC v. Ramirez continues to have a long-lasting impact

Earlier this week, in the context of a data incident involving a health care company, an Arizona federal court determined that plaintiffs had Article III standing but then went on to dismiss plaintiffs’ claims for failure to state a claim, although it granted plaintiffs leave to amend.  Griffey v. Magellan Health, 20210 U.S. Dist. LEXIS

CPW has been covering data breach litigations for quite some time, including dismissal of defective data breach complaints and the ongoing federal circuit split regarding Article III standing.  Yesterday, for the first time, a court certified a Rule 23(b)(3) class action of individual consumers complaining of a data breach involving payment cards.  See In

There were a number of things that took me off guard with respect to the Supreme Court’s opinion yesterday in Uzuegunam v. Preczewski, Case No. 19-968.  First, apparently for the first time in the 16 years he has been on the Court, the Chief Justice was the lone dissenter in a case.  I was also

CPW has previously reported on the anticipated impact of a Biden presidency on data privacy and data privacy litigation.  In an update to that prior analysis, President Biden has reportedly selected Lina Khan, a prominent antitrust scholar and professor at Columbia Law School, for a vacancy at the Federal Trade Commission (“FTC”).  Khan’s nomination