Archives: In the Courts

Subscribe to In the Courts RSS Feed

Get your update on IT & Privacy Law (Germany)

The Summer 2017 Edition of the quarterly IT & Privacy Newsletter by Reed Smith Germany has just been released. We cover the German GDPR Implementation Act, new case law on processing on the basis of legitimate interests, marketing consent, and provider liability, as well as the paper on Google Analytics by the Hamburg data protection … Continue Reading

Second Circuit Provides Businesses with a Powerful Defense to TCPA Revocation Claims

In a watershed ruling for businesses facing the recent onslaught of Telephone Consumer Protection Act (TCPA) claims, the Second Circuit Court of Appeals held that consumers cannot revoke their consent to receive automated or prerecorded cell phone calls if they previously consented to receive those calls as part of a binding contract. See Reyes v. Lincoln … Continue Reading

CJEU: Operation of peer-to-peer sharing platform may qualify as copyright infringement

In a preliminary judgment of 14 June 2017, Case C-610/15, the Court of Justice of the European Union (‘CJEU’) held that the making available and management of a peer-to-peer sharing platform may constitute a copyright infringement. Facts of the case In the underlying main proceedings before the Supreme Court of the Netherlands, Stichting Brein, a Dutch … Continue Reading

J. Crew Credit Card Digit Class Action Dismissed Again Because of Overly Speculative Identity Theft, Fraud Risks

As courts continue to grapple with close calls on standing following the U.S. Supreme Court’s seminal decision in Spokeo v. Robins, another court has given defendants a win for intangible injuries and risk of future harm.  On June 6, the District of New Jersey dismissed – for the second time – a putative class action … Continue Reading

German Federal Supreme Court confirms: Dynamic IP addresses may constitute personal data

According to a press release dated 16 May 2017, and following the Court of Justice of the European Union’s (CJEU) preliminary ruling in Case C-582/14 dated 19 October 2016 (see our previous blog), the German Federal Supreme Court (Bundesgerichtshof – FSC) confirmed in a judgment of 15 May 2017, case no. VI ZR 135/13 that dynamic IP addresses constitute personal data within … Continue Reading

Defamation and Data Protection: a twin-barrelled approach to claims against publishers

In the recent case of Prince Moulay Hicham v Elaph Publishing Limited, the Court of Appeal held in a unanimous decision that a claimant could include an action under the UK Data Protection Act 1998 (‘DPA’) as an alternative means of redress. To read our full client alert in relation to this judgment, please click … Continue Reading

Recent Open Meeting Foreshadows FCC Commissioners’ Views if ACA Decision Is Remanded

As the cherry blossoms prepare to bloom in Washington, D.C., our thoughts turn toward wondering when the D.C. Circuit will hand down its ruling in ACA International, et al v. FCC (Case No. 15-1211). This case, you will recall, is the consolidation of a number of appeals challenging the July 10, 2015, Order in which … Continue Reading

Bare Statutory Violation of FCRA Fails to Satisfy Standing Requirements Post-Spokeo, Says District of New Jersey in Suit Over Michaels Employment Disclosures

Michaels escaped a potential class action alleging Fair Credit Reporting Act (“FCRA”) violations late last month when a federal judge found the United States Supreme Court’s recent decision in Spokeo, Inc. v. Robbins, 136 S. Ct. 1540 (2016) foreclosed the plaintiffs’ claim for a bare statutory violation not resulting in concrete damages.  The recent ruling … Continue Reading

Superior Court of Pennsylvania Affirms Rejection of Proposed Data Breach Class of UPMC Workers, Finding Hospital Owed No Duty to Protect Information

Affirming a lower court decision this blog discussed here, the Superior Court of Pennsylvania held January 12 that dismissal of a proposed data breach class action was proper, because the University of Pittsburgh Medical Center lacked a legal duty to protect employee information stolen by a third party. The 2-1 majority’s finding that UPMC had … Continue Reading

Federal Circuit Clarifies Descriptiveness Standard in Overturning ‘Dotblog’ Trademark Refusal

It’s not uncommon for internet-based services to utilize names referencing their online presence, much like it is not uncommon for the monikers of app-based services to refer to their mobile format. But at what point does a suggestive term become merely descriptive to the point that it can be denied trademark registration? The United States … Continue Reading

Weak Social Media Presence Sinks Trademark Claims, Says Sixth Circuit

A DJ asserting trademark infringement and dilution claims against a similarly named rapper failed partly due to a lack of apparent popularity on social media, the U.S. Court of Appeals for the Sixth Circuit ruled on December 13. In Kibler v. Hall, et al., No. 15-2516 (6th Cir. Dec. 13, 2016), the appellate court affirmed … Continue Reading

Officers and Directors Spared Home Depot Data Breach Derivative Lawsuit

Officers and directors may breathe a temporary sigh of relief following the recent dismissal of the Home Depot data breach derivative case. Others will look to the facts for guidance. The complaint alleging the board had breached its fiduciary duties by “knowingly and in conscious disregard” failing to ensure that Home Depot took reasonable measures … Continue Reading

Even in Social Media Age, Web Presence Without Specific Showing of Customer Interaction is Not Enough for Personal Jurisdiction

Ask any 1L – personal jurisdiction has always been a tricky issue. But in the internet era, even courts have grappled with how to determine whether an online presence is sufficient to establish personal jurisdiction over a party.   Recently, the Eastern District of Louisiana ruled that an internet presence consisting of a website as well … Continue Reading

EU-US Privacy Shield challenged in the European Court of Justice

Just four months after its adoption by the European Commission, the EU-U.S. Privacy Shield is facing its first formal legal challenge. The challenge comes from the Irish advocacy group Digital Rights Ireland, who is joined by French privacy advocacy group La Quadrature du Net and non-profit internet service provider French Data Network.… Continue Reading

Michigan AG Steps In to Defend State Privacy Law

The Michigan attorney general intervened November 22 in a suit brought under a Michigan privacy law, making it one of the first times a state attorney general has weighed in on a case involving data use. Michigan AG Bill Schuette defended the constitutionality of the Michigan Preservation of Personal Privacy Act, otherwise known as the … Continue Reading

TLT v SoS: How do you quantify damages for data breaches?

A recent High Court decision, TLT and others v Secretary of State for the Home Office [2016] EWHC 2217 (QB) (“TLT v SoS”), paves the way for the greater recognition of distress in cases of data breaches and the misuse of private information. The victims of a data breach, in this case asylum seekers, successfully … Continue Reading

CJEU says dynamic IP addresses can constitute personal data

The Court of Justice of the European Union (“CJEU”) has ruled that dynamic IP addresses can constitute personal data. Dynamic IP addresses, registered by a website provider when an individual accesses its website, shall constitute personal data where the operator has the legal means to combine the data with additional data (held by the internet … Continue Reading

Lyft Faces Second Wave of TCPA Litigation for Sending Autodialed Texts

Lyft, Inc. – the popular ride hailing service featuring the iconic pink moustache – is facing a second class action lawsuit in California alleging violations under the Telephone Consumer Protection Act (“TCPA”). This alleges that Lyft sent unwanted and unsolicited text messages to cellphones using an automated dialing system without first obtaining express written consent … Continue Reading

Class Action Filed Against Indianapolis Colts over App

This month, the Indianapolis Colts, app developer Yinzcam, Inc., and ultrasonic technology provider Lisnr, Inc., were hit with a federal class action lawsuit in Pennsylvania for violating the Electronic Communications Privacy Act by allegedly allowing the Colts fan app to listen in on users’ personal phone conversations, and use that information for advertising purposes without … Continue Reading

Despite Plaintiffs Satisfying Standing Requirements, Barnes & Noble Closes the Book on Data Breach Class Action

In data breach class actions, standing is often the major obstacle, and has taken on renewed focus following the U.S. Supreme Court’s ruling in Spokeo v. Robins, 136 S. Ct. 1540 (May 24, 2016). See, e.g., Federal Court Finds Intangible Harm Caused by Robocalls Sufficient for Post-Spokeo Standing in TCPA Claim Alleging Privacy Invasion, Technology … Continue Reading

A supply of software can be a sale of goods

The High Court held, in The Software Incubator v Computer Associates [2016] EWHC 1587 (QB), that a supply of commoditised software is a sale of goods for the purposes of the Commercial Agents (Council Directive) Regulations 1993 (“Regulations”). Background Computer Associates UK Ltd (“CA”) entered into a non-exclusive agreement with The Software Incubator Limited (“TSI”). … Continue Reading

VPPA Suit Over Sharing Users’ Video-Viewing Data Continues as Gannett’s Motion to Dismiss Is Denied

In a case demonstrating the ongoing difficulties of applying the Spokeo decision to interpret injury-in-fact, a Massachusetts federal court last week denied a motion to dismiss by USA Today parent company, Gannett Satellite Information Network Inc., where the company allegedly disclosed personal data about a user’s video-viewing history to a third-party analytics firm. The putative … Continue Reading

Third Circuit Dismissal Affirmance Based on Economic Loss Doctrine Shows Spokeo Shouldn’t Be Your Only Data Breach Class Action Exit Strategy

While the United States Supreme Court’s ruling in Spokeo v. Robins, 136 S. Ct. 1540 (2016), has garnered much attention after being cited by numerous courts as a means to dismiss data privacy class actions, defendants should never count out any potential avenues for exiting such a suit; in Pennsylvania (and in many other states … Continue Reading

High Court Permits University’s Contravention of Its Own Privacy Policy

The High Court in Bangura v Loughborough University [2016] EWHC 1503 (QB) ruled 19 May that Loughborough University acted lawfully under the Data Protection Act 1998 (“DPA”) in supplying Leicestershire Police with the registration form of a student suspected of sexual assault and rape. In contravention of the university’s data protection policy, the registration form … Continue Reading
LexBlog