Tag: Class Action

Class Action / Data Privacy

Biometric Class Action Against Facebook Greenlit by Ninth Circuit Court of Appeals

In an opinion article dated August 8, 2019, the Ninth Circuit Court affirmed the district court’s order certifying a class action of users who claim Facebook’s facial-recognition technology violates Illinois’s Biometric Information Privacy Act (BIPA). A copy of the Ninth Circuit’s opinion can be found here.  At issue is Facebook’s use of facial-recognition technology without first obtaining the consent of its users. The court agreed that the plaintiffs had sufficiently alleged a concrete and particularized harm sufficient to confer Article III standing. The court… Continue Reading
Class Action / Lawsuit

As If 200 Class Action Lawsuits Weren’t Enough…

The Illinois Supreme Court finally made its long awaited ruling on standing to sue under the Illinois Biometric Information Privacy Act (BIPA), siding with the class action representative in Rosenbach v. Six Flags Entertainment Corp., 2019 IL 123186, and allowing persons having suffered no actual injury to maintain a cause of action under BIPA.  BIPA has already given rise to 200+ putative class action lawsuits against businesses nationwide, including those with any measureable operation in Illinois. Businesses have fought back, arguing that BIPA’s private… Continue Reading
Data Privacy

Data Breach Settlement Highlights Need for Proactive Management of Data Security Threats

Lincare Inc. recently agreed to settle a class action lawsuit for $875,000. The class plaintiffs consisted of employees whose personal information was compromised in 2017. The breach involved a business email compromise scam. The settlement amount is not the only cost to the company and in fact may cost less than implementing remedial measures (credit/identity monitoring) and IT reforms to prevent such an incident from happening in the future. For example, the settlement terms dictate that an additional two years of free credit and identity… Continue Reading
Cyber Breach / Cybercrime / Cybersecurity / Emerging Issues

The Yahoo Class Action: Plaintiff’s Bar Finds a New Cottage Industry

The only “surprise” in the Yahoo class action complaint, filed Friday, September 23, 2016, is that Yahoo issued a press release announcing the breach a mere one day earlier.  The class action complaint, undersigned by three law firms in San Francisco, Boca Raton, and New York, seeks certification for: “All persons within the United States whose personal information was accessed following the data breach that Yahoo announced in a press release on September 22, 2016.”  Indeed, the complaint makes a number of allegations relating directly… Continue Reading
Class Action / Cyber Risk / Cybercrime / Cybersecurity

Judge Rules No Standing to Pursue Fear Of “Hacker Harm”

Last week a judge in the Southern District of Illinois trimmed several claims from a class action complaint made against Chrysler and Harman International Industries stemming from a 2015 WIRED magazine article. The July 21, 2015 WIRED article described the author’s experience of being a “digital crash-test dummy, a willing subject on whom [two hackers] could test the car-hacking research they’d been doing over the past year.” Less than two weeks after the article was published, on August 4, 2015, the plaintiffs filed their class… Continue Reading
Cyber Attacks

Sony Cyberattack Lawsuit Settles for $8 Million and Establishes the New Mass Tort Class Action

The emergence of the cyber attack class action as the new mass tort was further evidenced when Sony, less than one year after the first class action was filed, has agreed to pay up to $8 million to reimburse current and former employees for losses, preventative measures and legal fees related to last year’s data breach. The agreement must still be approved by a federal judge in the Central District of California, but, under the proposed terms, Sony will pay “up to $10,000 a… Continue Reading
Class Action / Cyber Attacks / Cyber Breach / Lawsuit

Target to Change Security Policies and Pay $10 Million to Settle Data Breach Lawsuit

U.S. District Court Judge Paul Magnuson has indicated that he will grant preliminary approval of a 97-page settlement agreement between Target and class-action plaintiffs.  Under the settlement, Target will pay $10 million to compensate injured customers, with court documents suggesting as much as $10,000 for a victim. In total, 42 million shoppers had their credit or debit information stolen, and 61 million had personal data stolen from November 27 through December 18, 2013. The settlement also requires Target to change its security policies within 10… Continue Reading
Class Action / Cyber Attacks / Cybersecurity / Lawsuit

Can Companies Pre-Emptively Avoid Class Action Suits from Massive Data Breaches? (A Blog Series)

There’s a constant flow of news about massive data breaches nowadays.  So much so that the question for companies with large amounts of personal data storage is no longer “if” it can happen but “when” it will happen.  In this series, we’re going to discuss one method that larger companies are using to significantly reduce the risk exposure to massive data breaches: click-wrap terms of use that require users to waive participation in class actions and instead only pursue claims by way of arbitration or… Continue Reading
Class Action / Cybersecurity / Lawsuit

Lawsuits Follow College’s Untimely Notifications – Can’t Blame the Dog…

Last year, the Maricopa County Community College District suffered a data breach in April, but waited until November before advising former students and employees that their academic and/or personal data may have been compromised.  Approximately 2.4 million people were impacted by this breach, or roughly the population of Pittsburgh, Pennsylvania.  Among the data that may have been breached were social security numbers, dates of birth, and bank account numbers. Recently, a current student of Phoenix College sued the College District in Maricopa County Court, making… Continue Reading