Press "Enter" to skip to content

Posts published in “IT & Data Protection”

3rd Cir. Vacates Cy Pres Class Settlement Citing Trial Court’s Failure to Scrutinize Scope of Release

The U.S. Court of Appeals for the Third Circuit recently vacated an order approving the settlement of a class action certified under Rule 23(b)(2), where the only benefit to the class was the defendant’s payment of a cy pres award to organizations that promoted data…

9th Cir. Holds Violation of Facial Recognition Law Sufficient for Standing, Upholds Class Cert.

The U.S. Court of Appeals for the Ninth Circuit recently held that class plaintiffs alleged a concrete and particularized harm sufficient to confer Article III standing where the defendant company’s alleged collection, use, and storage of the plaintiffs’ biometric information was the substantive harm targeted…

7th Cir. Holds Plaintiff Lacked Standing in ADA ‘Website Accessibility’ Case Against Credit Union

The U.S. Court of Appeals for the Seventh Circuit recently held that a blind plaintiff lacked standing to sue under the Americans with Disabilities Act (ADA) for alleged accessibility problems with a credit union’s website because he could not establish an injury in fact as…

Texas Enacts Amendments to Data Breach Notification Law; Creates Privacy Protection Advisory Council

On June 14, Texas Gov. Greg Abbott signed into law House Bill 4390 which amends the notification requirements of Texas’ data breach law and creates an advisory council to study data privacy laws generally.  The provisions become effective Jan. 1, 2020. Currently, a person conducting…

8th Cir. Rejects Alleged Data Breach Victim’s UDAP, UDTPA, Common Law, and Other Claims

The U.S. Court of Appeals for the Eighth Circuit recently upheld the dismissal of an alleged data breach victim’s allegations under the Illinois Consumer Fraud and Deceptive Business Practices Act, the Illinois Personal Information Protection Act, and the Illinois Uniform Deceptive Trade Practices Act, as…

9th Cir. Holds ‘Unlawful Information Collection and Sharing’ Class Action Improperly Removed Under CAFA

In a 2-1 decision, the U.S. Court of Appeals for the Ninth Circuit held that a putative class action against state entities and a private contractor for allegedly collecting and sharing personal data without authorization was essentially a local controversy and was therefore correctly remanded…

SD Calif. Dismisses Data Security Breach Class Action Against Mortgage Company

The U.S. District Court for the Southern District of California recently dismissed a consumer’s putative class action lawsuit against a mortgage lending and servicing company for purported damages sustained as a result of a security breach wherein his personal information was compromised, and the hackers…