In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
No Injury = No Article III Standing in Data Breach Class Action
As we have discussed here at CPW, one of the biggest challenges facing a plaintiff in a data breach class action is to establish an injury from the alleged data breach. Earlier this week, in David De Midicis v. Ally Bank & Ally Fin., Inc., 2022 U.S. Dist. LEXIS 137337 (S.D.N.Y. Aug. 2, 2022), the
One of today’s most pressing topics in Illinois Biometric Information Privacy Act (“BIPA”) class action litigation is the Illinois Supreme Court’s much-anticipated opinion in Cothron v. White Castle Sys. (covered extensively by SPB team member Kristin Bryan in CPW articles here, here, here, and here, and discussed in SPB’s 2022 Q2
Last week, a California federal court held that a plaintiff lacked Article III standing to bring a putative class action in federal court for violations of the Fair and Accurate Credit Transactions Act (“FACTA”) amendments to the Fair Credit Reporting Act (“FCRA”), 15 U.S.C. § 1681 et. seq. As a result, the case was remanded back to the California state court where the plaintiff chose to file his complaint.
In Kamel v. Hibbett, Inc., No. 8:22-cv-01096-RGK-E, 2022 U.S. Dist. LEXIS 130753 (C.D. Cal. July 22, 2022), the plaintiff alleged that he made a purchase with his credit card at one of the defendants’ stores and received a receipt which contained ten digits of his credit card number. Continue Reading California Federal Court Grants Plaintiff’s Motion to Remand FACTA Class Action to State Court
In a record-setting proposed settlement filed last week, T-Mobile has agreed to pay $350 million and boost its data security by $150 million over the next two years to resolve multidistrict litigation brought by T-Mobile customers whose data was allegedly exposed in a 2021 data breach. Read on for the terms of the settlement, which may serve as a model in other high stakes data security cases going forward.
Recall that in August 2021, T-Mobile disclosed that it had been the victim of a cyberattack that resulted in the compromise of some current, former and prospective customers’ SSN, name, address, date of birth and driver’s license/ID information the “Data Event”). By T-Mobile’s account, no “customer financial information, credit card information, debit or other payment information” was exposed in the attack. Nevertheless, over 40 putative class action claims were filed seeking damages for the improper disclosure of Plaintiffs’ personal information. In December 2021, the Judicial Panel on Multidistrict Litigation transferred and centralized the putative class actions into the MDL standing before the Western District of Missouri.Continue Reading T-Mobile Agrees in MDL to Record Setting $350 Million Data Breach Settlement to Resolve CCPA and Other Privacy Claims
Special thanks to our Summer Associate, Nyet Abraha, for her work on this blog.
Carnival Cruise Line, one of the largest international cruise lines, has agreed to pay $6 million to resolve claims brought by state attorneys general in response to a 2019 data breach. In March 2020, Carnival reported a data breach that compromised
Thanks to our Summer Associate, Maya Thomas, for her work on this timely blog.
2021 saw creative plaintiff attorneys initiating a string of class action lawsuits alleging that sessions replay software violated state wiretap acts— notably in California and Florida.
While decisions out of Florida led many to believe these types of cases were dying
In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
Online Safety in Digital Markets Needs a Joined Up Approach with Competition Law in the UK
In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
Federal Court Dismisses Colonial Pipeline Cybersecurity Litigation
Federal Court Refuses to Dismiss Biometric Claims Brought by Trucker Against Facial
This week, a federal court rejected an attempt in litigation under the Fair Credit Reporting Act (“FCRA”) to assert claims against not only against Credit Reporting Agencies (“CRAs”) but also the Chief Executive Officers (“CEOs”) of the CRAs (“CEO Defendants”), concerning claims that they failed to respond to communications or remove an errant account from