The Illinois Supreme Court recently ruled that the named plaintiff in a putative data breach class action lacked standing to pursue her claims given that her private personal information had not actually been misused by a third party.Continue Reading Illinois Supreme Court Rules That Plaintiff Lacks Standing to Bring Putative Data Breach Class Action

Billie Mandelbaum
Billie Mandelbaum is an associate in the firm's San Francisco office. Her practice focuses on insurance coverage litigation and general commercial litigation and investigations. She also maintains an active pro bono practice that includes both direct services and amicus curiae representation.
California Federal Court Finds Plaintiffs Plausibly Alleged That Cloud Solution Company Owed Consumers Duty of Care
In a putative consumer data breach class action, a court in the Northern District of California recently denied a cloud solution company’s motion to dismiss the plaintiffs’ negligence claim finding that the plaintiffs plausibly alleged that the company owed consumers a duty of care. See In re Accellion, Inc. Data Breach Litig., 2024 WL 4592367 (N.D. Cal. Oct. 28, 2024).Continue Reading California Federal Court Finds Plaintiffs Plausibly Alleged That Cloud Solution Company Owed Consumers Duty of Care
South Carolina Federal Court Denies Class Certification in Consumer Data Breach Case
A court in the District of South Carolina recently denied class certification in a putative consumer data breach class action after concluding that the proposed class and sub-classes were not ascertainable. See In re Blackbaud, Inc., Customer Data Breach Litigation, 2024 WL 21555221 (D.S.C. May 14, 2024).
In February 2022, plaintiffs filed suit against Blackbaud, a business-to-business software company that sells cloud-computing services to social good organizations. Plaintiffs, who had provided personal information to Blackbaud’s customers, alleged that their information was compromised during a breach of Blackbaud’s data centers. In December 2022, plaintiffs moved to certify nationwide and sub-classes representing individuals whose “unencrypted information was stored on the database” of a Blackbaud customer. In support of class certification, plaintiffs sought to demonstrate that the proposed classes were ascertainable by relying on (1) expert opinion, (2) Blackbaud’s discovery responses, (3) customer notices Blackbaud sent following the breach, and (4) Blackbaud’s use of a database to comply with the California Consumer Privacy Act. The court rejected each of those arguments.Continue Reading South Carolina Federal Court Denies Class Certification in Consumer Data Breach Case
California Federal Court Finds That Plaintiffs Must Arbitrate Their BIPA Claims
Recently, a court in the Northern District of California compelled arbitration in a putative privacy class action, concluding that the arbitration provision included in a photo-editing app’s terms of use was not unconscionable. See Flora, et al., v. Prisma Labs, Inc., 2023 WL 5061955 (N.D. Cal. Aug. 8, 2023).Continue Reading California Federal Court Finds That Plaintiffs Must Arbitrate Their BIPA Claims