In the wake of the U.S. Supreme Court’s decision in Spokeo v. Robins, 136 S. Ct. 1540 (2016), there has been a plethora of litigation in privacy class actions over whether federal courts can exercise subject-matter jurisdiction over the asserted statutory or common law claims. However, in addition to considering whether a court has subject-matter … Continue Reading
Michaels escaped a potential class action alleging Fair Credit Reporting Act (“FCRA”) violations late last month when a federal judge found the United States Supreme Court’s recent decision in Spokeo, Inc. v. Robbins, 136 S. Ct. 1540 (2016) foreclosed the plaintiffs’ claim for a bare statutory violation not resulting in concrete damages. The recent ruling … Continue Reading
Affirming a lower court decision this blog discussed here, the Superior Court of Pennsylvania held January 12 that dismissal of a proposed data breach class action was proper, because the University of Pittsburgh Medical Center lacked a legal duty to protect employee information stolen by a third party. The 2-1 majority’s finding that UPMC had … Continue Reading
While the United States Supreme Court’s ruling in Spokeo v. Robins, 136 S. Ct. 1540 (2016), has garnered much attention after being cited by numerous courts as a means to dismiss data privacy class actions, defendants should never count out any potential avenues for exiting such a suit; in Pennsylvania (and in many other states … Continue Reading
In a sign of the continuing significance of the U.S. Supreme Court’s recent ruling in Spokeo v. Robins, 136 S. Ct. 1540 (May 24, 2016), another federal court has cited that ruling in dismissing claims for lack of Article III standing. In Gubula v. Time Warner Cable, Inc., No. 15-cv-1078 (E.D. Wis. June 17, 2016), … Continue Reading
Just days after the Supreme Court’s ruling in Spokeo v. Robins, the highly anticipated decision is already impacting data breach class actions across the country. The defendant in the Spokeo case contended that the plaintiff had suffered no concrete injury, and that a mere statutory violation is not enough of an injury to give plaintiffs … Continue Reading
The federal judiciary derives its power from Article III of the United States Constitution. That power is limited to deciding “Cases” and “Controversies,” Art. III, section 2. In the case of Spokeo v. Robins, the United States Supreme Court considered whether a plaintiff presents such a “case” or “controversy” where he only alleged a violation of a … Continue Reading
In an encouraging development for data breach defendants, the Superior Court of Pennsylvania recently affirmed a trial court decision rejecting class certification in a suit filed against two Medicare programs for losing a flash drive containing personal information of 286,000 subscribers. The appellate court found that since the Philadelphia Court of Common Pleas “carefully considered the … Continue Reading
On 17 December 2015, the German Parliament (Deutscher Bundestag) passed a bill on the improvement of enforcement of data protection provisions protecting consumers (Entwurf eines Gesetzes zur Verbesserung der zivilrechtlichen Durchsetzung von verbraucherschützenden Vorschriften des Datenschutzrechts). Under the new law, registered consumer associations will have the right to sue companies for violations of data protection laws … Continue Reading
On November 25, a California federal court dismissed without prejudice a proposed class action against Toyota Motor Corp., Ford Motor Co., and General Motors LLC, claiming the carmakers failed to ensure the electronic security of their vehicles by equipping them with computer technology that is susceptible to being hacked by third parties. Cahen, et al. … Continue Reading
A panel of the Seventh Circuit Court of Appeals (Wood, C.J., Kanne, J. and Tinder, J.) has reversed the dismissal of a data security breach class action lawsuit against luxury department store Neiman Marcus. This lawsuit stemmed from a hacking incident in which “350,000 cards were potentially exposed; and 9,200 of those 350,000 cards were … Continue Reading
This post was written by Paul Bond. Target announced the compromise payment card information taken in-store between November 27 and December 15, 2013. Twelve putative class actions have been filed in federal courts arising from this announcement. Attached is a word cloud formed using those Complaints, excluding very common words. (Created using Wordle [http://www.wordle.net/].) Heading … Continue Reading
This post was also written by Frederick Lah. Earlier this week, a data breach class action brought against health insurance provider AvMed, Inc. came one step closer to resolution when plaintiffs filed their unopposed motion for preliminary approval of the class action settlement. The parties filed a joint notice of settlement back in September, but details … Continue Reading
In recent years, there has been a heightened focus on the Telephone Consumer Protection Act and a boom in TCPA litigation. The formula for recovery may seem simple and with no statutory cap, class action damages under the TCPA can add up quickly. Since Congress first passed the TCPA in 1991, the statutory definition of … Continue Reading
This post was written by Judith L. Harris and Rob Jackson. In a recent case, Smith v. Citibank, N.A., Craig Smith, the borrower, filed a class action against Citibank in state court in California alleging violations of the Telephone Consumer Protection Act (“TCPA”) and the state law regulating debt collection practices. In his complaint, Mr. … Continue Reading
The Taiwanese Ministry of Justice recently concluded a public consultation on draft enforcement rules and proposed amendments to its primary data protection legislation, the Computer-Processed Personal Data Protection Act (“the Act”). The amendments are reportedly far-reaching. If the amendments are approved, some key changes to the Act would be: The law would apply to the … Continue Reading
