Archives: Enforcement & Litigation

Subscribe to Enforcement & Litigation RSS Feed

NY AG Announces Settlements with Three Mobile-Health App Developers Over Privacy, Marketing Concerns

On March 23, 2017, New York State Attorney General Eric T. Schneiderman announced settlements with three mobile health application (app) development companies aimed at curbing deceptive marketing practices and inadequate privacy disclosures to consumers. The settlements – reached with Cardiio, Inc., Matis Ltd., and Runtastic GmbH, respectively – target health measurement apps that “purport to … Continue Reading

Wendy’s Successful in Trimming Data Breach Class Action Suit But No Dismissal

We have previously discussed the class action case filed against Wendy’s as a result of a data breach [view related post]. The case was initially dismissed based upon lack of standing, but the plaintiffs were given the opportunity to amend the Complaint. After the filing of the Amended Complaint, Wendy’s filed a Motion to Dismiss. … Continue Reading

Third Circuit Holds Criminal Defendant in Contempt for Refusing to Decrypt Hard Drives

In a precedential ruling, the Third Circuit Court of Appeals this week upheld a lower court’s ruling holding a criminal defendant in contempt for refusing to decrypt two external hard drives that were seized during a child pornography investigation. During the investigation, the government seized the defendants’ property, including two iPhones, a MacBook Pro and … Continue Reading

Neiman Marcus Settles Data Breach Class Action Case for up to $1.6 Million

We have followed the Neiman Marcus case from the moment the data breach was announced [view related posts here, here, and here]. After winding through the judicial system, Neiman Marcus has agreed to settle, and the plaintiffs have requested that the Judge approve the proposed settlement, reached after mediation proceedings. The settlement includes a payment … Continue Reading

IRS Files Petition to Enforce Summons Issued to Virtual Currency Company

The Internal Revenue Service (IRS) obtained authorization from a California federal court last November to serve a John Doe summons on the virtual currency firm Coinbase in order to obtain customer information to determine whether customers were using virtual currency to avoid paying income taxes. Although the summons was issued in December, Coinbase has not … Continue Reading

Yahoo Breaches Cost Shareholders $350 Million From Lowered Purchase Price, CEO Forfeits $14 Million in Compensation

Yahoo’s troubles for failing to timely disclose security breaches provides rare insight into quantifying the financial and other costs to a company’s shareholders and leadership when a security breach occurs and is mishandled. In 2014, more than a billion Yahoo accounts were hacked. Then in 2015 and 2016, more than 500,000 Yahoo user accounts were … Continue Reading

Florida Supreme Court Rejects PSQIA Preemption of Florida Constitution

On January 31, 2017, the Florida Supreme Court held that adverse medical incident reports produced in accordance with Florida law cannot constitute confidential and privileged patient safety work product (PSWP) under the federal Patient Safety & Quality Improvement Act of 2005 (PSQIA). In Jean Charles, Jr. et al. v. Southern Baptist Hospital of Florida, Inc. … Continue Reading

Arby’s Hit with Multiple Class Action Suits over Data Breach

Arby’s has announced that its point-of-sale system had been compromised by intruders over a four month period between October of 2016 and January of 2017, exposing the credit and debit card information of 355,000 customers. It is unknown at the present time which Arby’s restaurants were included in the incident, but it is estimated that … Continue Reading

FTC and Ten States Settle with Caribbean Cruise Lines for Robocall Accusations

This week, the Federal Trade Commission (FTC) and ten states settled charges against the Florida-based cruise line, Caribbean Cruise Line, Inc. (CCL), for an illegal telemarking campaign that inundated consumers with billions of unwanted robocalls. In settling these charges, CCL’s owner, Fred Accuardi, and all of his companies are barred from robocalling and illegal telemarketing. … Continue Reading

TCPA Violations Claimed Against Rady Children’s Hospital in San Diego

Rady Children’s Hospital-San Diego (Rady) was hit with a proposed class action in California federal court this week for alleged violations of the Telephone Consumer Protection Act (TCPA) for autodialed debt-collection calls to consumers’ cell phones. The complaint, filed by two plaintiffs, Taneesha Crooks and Anthony Brown, states that “[Rady], either directly or through their … Continue Reading

Former NSA Contractor Indicted for Theft of Government Property

The United States Department of Justice (DOJ) has announced that a former contractor of a defense contractor has been indicted for stealing over 75 percent of hacking tools belonging to the Nations Security Agency’s offensive cyber unit, as well as the ICA and Cyber Command. According to the indictment, Harold T. Martin has been charged … Continue Reading

Facial Scan Case Dismissed Under Illinois Biometrics Law

The developers of two NBA video games were successful this week in getting a putative class action alleging violations of the Illinois Biometrics law dismissed. Two named plaintiffs alleged that the video games violated the Illinois Biometrics Information Privacy Act (BIPA) because the game developer failed to get the gamers’ permission prior to using and … Continue Reading

Indianapolis Colts Want Class Action on Recording Conversations Moved to Home Stadium

The Indianapolis Colts mobile app is alleged by a putative class to record fans’ private conversations. In the putative class action, the named plaintiff alleges that the mobile app secretly activates the smart phone’s microphone to determine the fan’s location and then listens and records all audio within range, which includes personal conversations without consent. … Continue Reading

7th Circuit Rules No Class Action unless the Data is at Risk

A Time Warner customer filed a putative class action suit against it alleging that it violated the Cable Communications Privacy Act because it stored personal information of customers improperly. In particular, he alleged that Time Warner kept his information for eight years after he no longer was a customer, in violation of the Cable Communications … Continue Reading

Mississippi AG Sues Google for Collection of Student Data

Mississippi Attorney General Jim Hood filed a Complaint against Google last week for alleged violations of the state’s Consumer Protection Act for its collection and use of students’ personal information and search history. The suit alleges that Google is using public school students’ information through G Suite for Education accounts to “advance its business interests … Continue Reading

Employer Has No Legal Duty To Protect Employee Electronic Information

A court in Pennsylvania recently held that an employer does not have a legal duty to act reasonably in managing its computer systems to safeguard sensitive personal information collected from its employees, when the employer elects, for purposes of its own business efficiencies, to store and manage such sensitive employee data on its internet-accessible computer … Continue Reading

FTC Charges Taipei Based D-Link for Inadequate Security of Computer Routers and Cameras

The Federal Trade Commission (FTC) has filed a complaint in Northern California against D-Link for putting thousands of consumers at risk over the past decade for failing to have adequate security practices in its routers and cameras. In particular, D-Link products have well-known preventable software security flaws, including hard-coded credentials and backdoors which allow attackers … Continue Reading

American Eagle Settles TCPA Class Action for $14.5 Million

American Eagle Outfitters (American Eagle) settled a class action filed against it for alleged Telephone Consumer Protection Act (TCPA) violations for $14.5 million last week. The class action complaint alleged that American Eagle send unsolicited text message messages to over 600,000 unique cell phone numbers without prior written consent as required by the TCPA. The … Continue Reading

Inbound Call Experts to Pay $10 Million for Consumer Redress

Florida-based tech support scheme, Inbound Call Expert, doing business as Advanced Tech Support, will pay $10 million for consumer redress in accordance with the Federal Trade Commission’s (FTC) final order. The FTC, and the State of Florida, charged Inbound Call Expert with deceiving thousands of consumers by using high-pressure sales pitches to telemarket tech support … Continue Reading
LexBlog