At the end of last month, courts handed down two decisions in favor of website operators and their service providers in session replay litigation, granting motions to dismiss on personal jurisdiction grounds.
Another Court Dismisses VPPA Class Action Because Defendant’s Online Videos Were Only a Peripheral Part of Its Business
Last month, a defendant won dismissal of a putative VPPA class action when the court concluded that the defendant’s use of online videos was not central to the defendant’s business, and the VPPA therefore did not apply. Another court has now reached the same result. See Cantu v. Tapestry, Inc., 3:22-cv-01974 (S.D. Cal. July 10, 2023). This trend highlights the limits of the VPPA’s reach and provides forceful grounds for future motions to dismiss and demand letter responses.
Recent Decision Dismissing VPPA Class Action Claim Shows Limits of VPPA’s Reach
In the past year, plaintiffs have filed a wave of lawsuits asserting claims under the Video Privacy Protection Act (“VPPA”) in connection with the alleged use of third-party pixels on websites that offer video content. A recent decision establishes the limits of the VPPA’s reach and provides a well-reasoned ground for future motions to dismiss.
Continue Reading Recent Decision Dismissing VPPA Class Action Claim Shows Limits of VPPA’s Reach
Illinois Supreme Court Holds Five-Year Statute of Limitations Applies to All Claims under BIPA
The Illinois Supreme Court recently held that all claims brought under the Biometric Information Privacy Act (“BIPA”) are subject to a five-year statute of limitations, partly overturning a lower court decision that had applied a one-year limitations period to some claims brought under the law. See Tims v. Black Horse Carriers, Inc., 2023 IL 127801 (Feb. 2, 2023).
The plaintiff, Jorome Tims, filed a putative class action against his former employer, alleging that the trucking and logistics company violated BIPA by requiring its employees to use a time clock with a fingerprint scanner without (i) implementing a publicly available data retention and destruction policy; (ii) notifying employees and obtaining their consent when collecting their biometrics; and (iii) obtaining employee consent before disclosing their biometric information to third parties. The defendant moved to dismiss the complaint, arguing that the plaintiff’s claims were barred by the one-year statute of limitations under the Illinois Code of Civil Procedure that governs actions for the “publication of matter[s] violating the right of privacy.”
Illinois BIPA jury verdict highlights rising prominence of class actions based on state privacy statutes
Following a week-long trial, a jury in Illinois awarded a plaintiff class of truck drivers a $228 million verdict against BNSF Railways for violations of the Illinois Biometric Information Privacy Act (“BIPA”). The large verdict, arising from the first case to go to trial under the 2008 law, highlights the potential impact of class actions brought under this statute.
Emerging Trends: Renewed Wave of Video Privacy Class Actions
Recent months have seen a growing trend of data privacy class actions asserting claims for alleged violations of federal and state video privacy laws. In this year alone, plaintiffs have filed dozens of new class actions in courts across the country asserting claims under the federal Video Privacy Protection Act (“VPPA”), Michigan’s Preservation of Personal
Fourth Circuit Holds Statements About Importance of Data Security Not Actionable
The Fourth Circuit’s opinion last week in In re Marriott International, Inc., — F.4th —-, No. 21-1802 (4th Cir. Apr. 21, 2022), could prove useful to companies facing data breach class actions. Following a data breach of the Starwood guest reservation system, Marriott investors brought securities claims alleging that the purported failure to disclose vulnerabilities in Starwood’s IT systems rendered certain public statements false or misleading.
Continue Reading Fourth Circuit Holds Statements About Importance of Data Security Not Actionable
Court Rejects Dismissal of Illinois Biometric Information Privacy Act Against Clearview in Pending Multidistrict Litigation
An Illinois federal district court recently rejected dismissal of Illinois Biometric Information Privacy Act (“BIPA”) claims in In re Clearview AI, Inc., Consumer Privacy Litigation, No. 21-cv-135 (N.D. Ill.). The Clearview plaintiffs alleged that Clearview violated their privacy rights without their knowledge and consent by scraping more than three billion photographs of facial images from the internet and using artificial intelligence algorithms on the images to harvest individuals’ unique facial biometric identifiers and corresponding biometric information. Clearview sought dismissal of the BIPA claims under the First Amendment, extraterritoriality doctrine, dormant commerce clause, and BIPA’s express exemption for photographs. The court rejected these grounds, and declined to dismiss the BIPA claims.
Illinois Supreme Court Rules Workers’ Compensation Act Does Not Bar BIPA Liquidated Damages Claims
On Thursday, the Illinois Supreme Court unanimously ruled in McDonald v. Symphony Bronzeville Park LLC that the exclusivity provisions of the state’s workers’ compensation statute do not preclude liquidated damages claims under the Biometric Information Privacy Act. The decision narrows the defenses available to employers facing employment-related BIPA claims.