Archives: In the Courts

Subscribe to In the Courts RSS Feed

Defamation and Data Protection: a twin-barrelled approach to claims against publishers

In the recent case of Prince Moulay Hicham v Elaph Publishing Limited, the Court of Appeal held in a unanimous decision that a claimant could include an action under the UK Data Protection Act 1998 (‘DPA’) as an alternative means of redress. To read our full client alert in relation to this judgment, please click … Continue Reading

Recent Open Meeting Foreshadows FCC Commissioners’ Views if ACA Decision Is Remanded

As the cherry blossoms prepare to bloom in Washington, D.C., our thoughts turn toward wondering when the D.C. Circuit will hand down its ruling in ACA International, et al v. FCC (Case No. 15-1211). This case, you will recall, is the consolidation of a number of appeals challenging the July 10, 2015, Order in which … Continue Reading

Bare Statutory Violation of FCRA Fails to Satisfy Standing Requirements Post-Spokeo, Says District of New Jersey in Suit Over Michaels Employment Disclosures

Michaels escaped a potential class action alleging Fair Credit Reporting Act (“FCRA”) violations late last month when a federal judge found the United States Supreme Court’s recent decision in Spokeo, Inc. v. Robbins, 136 S. Ct. 1540 (2016) foreclosed the plaintiffs’ claim for a bare statutory violation not resulting in concrete damages.  The recent ruling … Continue Reading

Superior Court of Pennsylvania Affirms Rejection of Proposed Data Breach Class of UPMC Workers, Finding Hospital Owed No Duty to Protect Information

Affirming a lower court decision this blog discussed here, the Superior Court of Pennsylvania held January 12 that dismissal of a proposed data breach class action was proper, because the University of Pittsburgh Medical Center lacked a legal duty to protect employee information stolen by a third party. The 2-1 majority’s finding that UPMC had … Continue Reading

Federal Circuit Clarifies Descriptiveness Standard in Overturning ‘Dotblog’ Trademark Refusal

It’s not uncommon for internet-based services to utilize names referencing their online presence, much like it is not uncommon for the monikers of app-based services to refer to their mobile format. But at what point does a suggestive term become merely descriptive to the point that it can be denied trademark registration? The United States … Continue Reading

Weak Social Media Presence Sinks Trademark Claims, Says Sixth Circuit

A DJ asserting trademark infringement and dilution claims against a similarly named rapper failed partly due to a lack of apparent popularity on social media, the U.S. Court of Appeals for the Sixth Circuit ruled on December 13. In Kibler v. Hall, et al., No. 15-2516 (6th Cir. Dec. 13, 2016), the appellate court affirmed … Continue Reading

Officers and Directors Spared Home Depot Data Breach Derivative Lawsuit

Officers and directors may breathe a temporary sigh of relief following the recent dismissal of the Home Depot data breach derivative case. Others will look to the facts for guidance. The complaint alleging the board had breached its fiduciary duties by “knowingly and in conscious disregard” failing to ensure that Home Depot took reasonable measures … Continue Reading

Even in Social Media Age, Web Presence Without Specific Showing of Customer Interaction is Not Enough for Personal Jurisdiction

Ask any 1L – personal jurisdiction has always been a tricky issue. But in the internet era, even courts have grappled with how to determine whether an online presence is sufficient to establish personal jurisdiction over a party.   Recently, the Eastern District of Louisiana ruled that an internet presence consisting of a website as well … Continue Reading

EU-US Privacy Shield challenged in the European Court of Justice

Just four months after its adoption by the European Commission, the EU-U.S. Privacy Shield is facing its first formal legal challenge. The challenge comes from the Irish advocacy group Digital Rights Ireland, who is joined by French privacy advocacy group La Quadrature du Net and non-profit internet service provider French Data Network.… Continue Reading

Michigan AG Steps In to Defend State Privacy Law

The Michigan attorney general intervened November 22 in a suit brought under a Michigan privacy law, making it one of the first times a state attorney general has weighed in on a case involving data use. Michigan AG Bill Schuette defended the constitutionality of the Michigan Preservation of Personal Privacy Act, otherwise known as the … Continue Reading

TLT v SoS: How do you quantify damages for data breaches?

A recent High Court decision, TLT and others v Secretary of State for the Home Office [2016] EWHC 2217 (QB) (“TLT v SoS”), paves the way for the greater recognition of distress in cases of data breaches and the misuse of private information. The victims of a data breach, in this case asylum seekers, successfully … Continue Reading

CJEU says dynamic IP addresses can constitute personal data

The Court of Justice of the European Union (“CJEU”) has ruled that dynamic IP addresses can constitute personal data. Dynamic IP addresses, registered by a website provider when an individual accesses its website, shall constitute personal data where the operator has the legal means to combine the data with additional data (held by the internet … Continue Reading

Lyft Faces Second Wave of TCPA Litigation for Sending Autodialed Texts

Lyft, Inc. – the popular ride hailing service featuring the iconic pink moustache – is facing a second class action lawsuit in California alleging violations under the Telephone Consumer Protection Act (“TCPA”). This alleges that Lyft sent unwanted and unsolicited text messages to cellphones using an automated dialing system without first obtaining express written consent … Continue Reading

Class Action Filed Against Indianapolis Colts over App

This month, the Indianapolis Colts, app developer Yinzcam, Inc., and ultrasonic technology provider Lisnr, Inc., were hit with a federal class action lawsuit in Pennsylvania for violating the Electronic Communications Privacy Act by allegedly allowing the Colts fan app to listen in on users’ personal phone conversations, and use that information for advertising purposes without … Continue Reading

Despite Plaintiffs Satisfying Standing Requirements, Barnes & Noble Closes the Book on Data Breach Class Action

In data breach class actions, standing is often the major obstacle, and has taken on renewed focus following the U.S. Supreme Court’s ruling in Spokeo v. Robins, 136 S. Ct. 1540 (May 24, 2016). See, e.g., Federal Court Finds Intangible Harm Caused by Robocalls Sufficient for Post-Spokeo Standing in TCPA Claim Alleging Privacy Invasion, Technology … Continue Reading

A supply of software can be a sale of goods

The High Court held, in The Software Incubator v Computer Associates [2016] EWHC 1587 (QB), that a supply of commoditised software is a sale of goods for the purposes of the Commercial Agents (Council Directive) Regulations 1993 (“Regulations”). Background Computer Associates UK Ltd (“CA”) entered into a non-exclusive agreement with The Software Incubator Limited (“TSI”). … Continue Reading

VPPA Suit Over Sharing Users’ Video-Viewing Data Continues as Gannett’s Motion to Dismiss Is Denied

In a case demonstrating the ongoing difficulties of applying the Spokeo decision to interpret injury-in-fact, a Massachusetts federal court last week denied a motion to dismiss by USA Today parent company, Gannett Satellite Information Network Inc., where the company allegedly disclosed personal data about a user’s video-viewing history to a third-party analytics firm. The putative … Continue Reading

Third Circuit Dismissal Affirmance Based on Economic Loss Doctrine Shows Spokeo Shouldn’t Be Your Only Data Breach Class Action Exit Strategy

While the United States Supreme Court’s ruling in Spokeo v. Robins, 136 S. Ct. 1540 (2016), has garnered much attention after being cited by numerous courts as a means to dismiss data privacy class actions, defendants should never count out any potential avenues for exiting such a suit; in Pennsylvania (and in many other states … Continue Reading

High Court Permits University’s Contravention of Its Own Privacy Policy

The High Court in Bangura v Loughborough University [2016] EWHC 1503 (QB) ruled 19 May that Loughborough University acted lawfully under the Data Protection Act 1998 (“DPA”) in supplying Leicestershire Police with the registration form of a student suspected of sexual assault and rape. In contravention of the university’s data protection policy, the registration form … Continue Reading

Third Circuit Finds Photo Placement Sufficient to Permit Defamation, False Light Claims to Go Forward in Suit Alleging Harm from Firefighter Sex Scandal Story

In a case demonstrating the difficulties of applying long-established but arguably outdated legal principles to modern technology, the United States Court of Appeals for the Third Circuit last week reversed itself to permit a Philadelphia firefighter’s defamation and false light claims to go forward, based on the inclusion of his photograph in an online article … Continue Reading

The Stored Communications Act’s Warrant Provisions Do Not Apply Extraterritorially

On July 14, the Second Circuit in Microsoft v. United States ruled that the Stored Communications Act (SCA) “does not authorize a U.S. court to issue and enforce an SCA warrant against a United States-based service provider for the contents of a customer’s electronic communications stored on servers located outside the United States.” The Justice … Continue Reading

CJEU Attorney General Opinion Seeks to Restrict the Interpretation of ‘Establishment’

In June, the Attorney General (“AG”) of the Court of Justice of the European Union (“CJEU”) issued his opinion (English translation pending) in the case of Verein für Konsumenteninformation v Amazon EU Sàrl (Case C-191/15). The opinion makes potentially important observations about which law should apply to the processing of personal data under the Data … Continue Reading

Ninth Circuit Rules that CFAA Imposes Criminal Penalties when Terminated Users Try To Access Systems With Borrowed Passwords

It can be a violation of the federal Computer Fraud and Abuse Act (“CFAA”) to “access[] a protected computer without authorization.” The CFAA clearly applies when criminals with no connection to a company try to force their way into information systems.  But in a recent decision a divided panel of the Ninth Circuit found the CFAA … Continue Reading

Federal Court Finds Intangible Harm Caused by Robocalls Sufficient for Post-Spokeo Standing in TCPA Claim Alleging Privacy Invasion

In an instructive opinion on how intangible harms can cause injuries sufficient to confer standing on plaintiffs—and a rare example of the U.S. Supreme Court’s latest ruling on standing aiding plaintiffs—a West Virginia federal court ruled June 30 that computer-dialed telemarketing calls caused concrete, particularized privacy invasions such that plaintiff’s Telephone Consumer Protection Act (“TCPA”) … Continue Reading
LexBlog