Archives: Litigation

Subscribe to Litigation RSS Feed

Where’s the (TCPA) Harm in That?

TCPA Cases Post-Spokeo: Federal courts weigh plaintiffs’ alleged harms under the TCPA in light of Spokeo v. Robins, with some beginning to find injury-in-fact to sue for unwanted calls and texts – while one rules that “professional” TCPA plaintiffs do not suffer injury insofar as calls are not “unwanted”

Following the U.S. Supreme Court’… Continue Reading

Advisory Alert: Impact of SCOTUS’ “Standing” Ruling in Spokeo

SupCt

The U.S. Supreme Court recently issued its much-anticipated ruling in Spokeo v. Robins, in which the Court considered whether Congress can confer Article III standing on a plaintiff to bring an action based on an alleged violation of a statute where that plaintiff has not otherwise suffered concrete injury. In a 6-2 decision, the Court held that whatever s… Continue Reading

SCOTUS Vacates Ninth Circuit’s Spokeo Decision

Alleging a bare statutory violation not enough to confer standing

When the Supreme Court granted certiorari in Spokeo v. Robins, it was clear that a ruling in the case would have significant implications for litigation under privacy statutes.  The issue before the Court was whether Congress can confer Article III standing on a plaintiff that has not suff… Continue Reading

“And That’s the End!” 11th Circuit Ends VPPA Action in Ellis, But Leaves the Question of What is PII Unresolved

Digital content and media providers got some good news from the U.S. Court of Appeals for the Eleventh Circuit in October when the court held that plaintiffs must be “subscribers” and not just users of a provider’s service to assert a claim under the Video Privacy Protection Act (“VPPA”). While the decision sets a higher procedural hurdle for pla… Continue Reading

Sprint Agrees to Pay FTC $2.95 Million to Settle Risk-Based Pricing Rule Charges Under the FCRA

Mobile service providers frequently look at their customers’ credit reports and scores to determine the best pricing plans for those customers. But as a recent settlement between Sprint Corporation and the Federal Trade Commission shows, mobile carriers that use customers’ credit information to determine service rates may be subject to the FTC… Continue Reading

UPDATE: Third Circuit Affirms FTC’s Data Security Authority in Wyndham

The U.S. Court of Appeals for the Third Circuit released its much-anticipated ruling in Federal Trade Commission v. Wyndham Worldwide Corp. on August 24, 2015, unanimously upholding the FTC’s authority to regulate companies’ data security practices under Section 5 of the Federal Trade Commission Act (FTC Act).

The Third Circuit’s ruling came in Continue Reading

Supreme Court Grants Cert in Campbell-Ewald v. Gomez

SupCt

In a move that may greatly impact litigation under the Telephone Consumer Privacy Act (TCPA) and potentially other acts that provide statutory damages for violations, the high court will hear arguments in a case questioning whether a class action can survive even after the named plaintiff(s) received an offer of complete relief

On May 18, 2015, the United … Continue Reading

Kentucky Enacts Data Breach Notice Law That Adds Extra Protection for Student Information while inBloom Withers

The world of the 1987 movie Robocop largely remains science fiction – except, perhaps the central character’s ability to access massive amounts of confidential personal data through the strike of a keyboard or even his helmet (was Robo’s mask the precursor to Google Glass?). Today, electronically sharing sensitive personal information – from … Continue Reading

Part III: Has Congress Spoken and Does It Really Matter? The Wyndham Worldwide Case and the Expanding Power of the FTC to Police Data Security

In the first and second parts of this series, we provided a summary of the District Court of New Jersey’s recent decision in FTC v. Wyndham Worldwide Corp. and then focused on whether the FTC has given “fair notice” to companies of the data security standards to which they will be held accountable. Today, we take a slightly different view of the FT… Continue Reading

Part II: Fair Notice or No Notice? The Wyndham Worldwide Case and the Expanding Power of the FTC to Police Data Security

In our first blog in this series, we provided a summary of the District Court of New Jersey’s recent decision in FTC v. Wyndham Worldwide Corp., in which Judge Salas confirmed the FTC’s authority to bring enforcement actions to redress deficient corporate data security practices, even in the absence of formal rules or regulations setting forth … Continue Reading

Part I: The Elephant Emerges From the Mousehole: The Wyndham Worldwide Case and the Expanding Power of the FTC to Police Data Security

In support of its motion to dismiss the FTC’s complaint alleging data security deficiencies in violation of Section 5 of the FTC Act, Wyndham Worldwide Corporation cited the Supreme Court’s opinion in Whitman v. American Trucking Ass’ns, which cautioned against agencies utilizing vague statutory provisions to alter “fundamental details o… Continue Reading

No Harm, Still Foul? Florida Court Approves Data-Breach Class Action Settlement

Data-breach class action suits may have just gained significant traction. On Feb. 28, 2014, the U.S. District Court for the Southern District of Florida approved a first of its kind class action data breach settlement that will pay plaintiffs regardless of whether they were damaged by the breach.

In December 2009, multiple laptops containing unencryp… Continue Reading

FTC’s 50th Data Security Settlement Sends a Message: Be Careful with Overseas Contractors

The Federal Trade Commission (FTC) sent a message about the importance of imposing appropriate security measures on—and monitoring—vendors with access to confidential consumer information. The FTC issued a 20-year consent order with GMR Transcription Services (GMR) over its overseas contractor’s data security breach. The decision marks th… Continue Reading

Internet Privacy Class Actions

In today’s cyberworld, operating in online and social media can put companies in a special class. Unfortunately, that class could mean a class action lawsuit. Websites and social media provide search engines, website operators, and advertisers powerful ways to obtain and monetize data about users. Jimmy Nguyen explores how this power has trigge… Continue Reading

So When Did Protecting Privacy Become Unconstitutional?

Posted by Thomas Jeffry

The clash between privacy advocates and those companies who make millions of dollars collecting and selling data about pharmaceutical prescription patterns was perhaps inevitable. When the State of New Hampshire passed the Prescription Confidentiality Act last year, leading health information brokers were quick to challe… Continue Reading

California’s Constitutional Right to Privacy is Limited by Statutory Litigation Privilege

By Rory Eastburg

On April 5, 2007, a unanimous state Supreme Court ruled that California’s litigation privilege extends to claims based on the state’s constitutional right to privacy.  While conceding that the statutory privilege would have to yield to the constitutional privacy right if the two conflicted, the court concluded that … Continue Reading

Red Hook: Not Just a Micro-Brewery in the Pacific Northwest Any Longer

Posted by Kaustuv M. Das

On Tuesday, Oct. 3, 2006, the Electronic Freedom Foundation’s FLAG project filed a Freedom of Information Act (FOIA) action Freedom of Information Act (FOIA) action, in the United States District Court for the District of Columbia, seeking release of information from the FBI on its DCS-3000 and Red Hook tools. DCS-3000 and Red Ho… Continue Reading

Decisions, Decisions: NSA Letters and Apple Blogger Cases Decided

Posted by Bruce Johnson

Last week saw two very important privacy opinions, from opposite sides of the country.

First, on May 23, 2006, the Second Circuit dismissed (without reaching the merits) two appeals involving so-called “National Security Letters” — unilateral notices from the United States Government demanding certain inf… Continue Reading

The Risks of Using Service Providers to Store Confidential Information

Posted by Kraig Baker

Declan McCullagh reports that the FTC issued a subpoena to Google for all contents of a user’s Gmail account, including deleted e-mails. The subpoena relates to a fraud claim. As more and more small businesses and independent contractors choose to use Google products to save money and to facilitate portability, few of them are t… Continue Reading

NH Court: Right of Access Trumps Personal Privacy

Posted by Brian Bennett

The New Hampshire Supreme Court recently held that financial information a person discloses in divorce cases is not subject to privacy law protection. The court held that there is a constitutional right of access to court records including financial affidavits filed in domestic relations cases, and that this public right arises f… Continue Reading

Merchant Bank May be Liable for Costs to Replace Hacked Visa Cards

Posted by Randy Gainer

The United States District Court for the Middle District of Pennsylvania ruled on October 18, 2005, that the bank that processed credit and debit card transactions for BJ’s Wholesale Club, Inc. may be liable for the costs that a credit union incurred to replace compromised cards. The ruling came in a lawsuit filed by the Pennsyl… Continue Reading

Seventh Circuit Breaks with Other Appeals Courts to Find Federal Jurisdiction for Consumer Junk Fax Suits

Posted by Ronald London

The U.S. Court of Appeals for the Seventh Circuit, which sits in Chicago and encompasses Illinois, Indiana and Wisconsin, recently issued a decision in Brill v. Countrywide Home Loans, Inc., No. 05-8024, holding that federal courts may hear lawsuits arising out of consumer claims for redress under the Telephone Consumer Protecti… Continue Reading

California Court Orders Discovery To Determine Whether Visa and MasterCard Fall Under California’s Data Breach Notification Statute

Posted by Min Lee San Francisco Superior Court Judge Richard Kramer has ordered Visa and MasterCard to disclose the nature of their relationship with CardSystems, the payment processor whose computer systems were breached sometime between August 2004 and May of this year, exposing about 40 million credit and debit accounts to potential abuse. The Judge … Continue Reading

LexBlog