A U.S. district court recently granted in part and denied in part the New York Times’s motion to dismiss claims that its subscription renewal terms violated North Carolina’s little-used Automatic Renewal Statute. The plaintiff, on behalf of a putative class, claimed that the Times subscription process failed to adequately disclose the automatic renewal and cancellation options as required by the statute. The court dismissed several of the plaintiff’s claims, but the case was allowed to proceed on allegations that the methodology for canceling was not clearly and conspicuously disclosed, and that the terms of subscription price increases were not provided in the format required by the statute.
Court Dismisses Class Action Seeking to Hold Cryptocurrency Exchange Coinbase Liable for Sale of Unregistered Securities
A federal district court recently dismissed with prejudice a putative class action against the cryptocurrency exchange Coinbase, where the plaintiffs sought to hold the exchange liable for the sale of unregistered securities on behalf a nationwide class. The court held that Coinbase neither directly sold the accused tokens to plaintiffs nor actively solicited their sale, and thus plaintiffs’ federal claims must be dismissed. This decision has important implications for digital asset exchanges, which have faced a significant increase in class actions alleging the exchanges are themselves liable for the sale of unregistered securities.
Class Action Suit Brought Under CIPA Section 637.7 for Alleged Location-Based Tracking of Vehicles Is Dismissed
A U.S. District Court Judge in California dismissed a putative class action asserting claims under section 637.7 of the California Invasion of Privacy Act (CIPA) in a case that could have useful implications for automotive and other device manufacturers whose products have the ability to track location. Plaintiff claimed that a third-party company, Otonomo Inc., partnered with automobile manufacturers to use the telematics control units (TCUs) installed in their vehicles to track a driver’s location via GPS without the driver’s knowledge. The Court rejected the claim, holding that because the TCU devices were built-in, rather than devices added to a vehicle, they were not “attached” to the car and thus did not fall within the statute’s definition of “electronic tracking device.”
S.E.C. Wins Summary Judgment Determination That Cryptocurrency Token Qualifies as a Security
In a recent decision, a federal judge granted summary judgment for the Securities and Exchange Commission (SEC) finding that the LBC cryptocurrency token qualifies as a security. While the ruling is confined to this specific token, it represents a victory for the SEC’s assertions that many cryptocurrencies, including so called “utility tokens,” represent securities that need to be registered with the agency. The Court also held that the makers of the LBC token, LBRY, Inc., had fair notice that the token was subject to the securities laws. Considering the ongoing class actions and enforcement proceedings litigating this issue across several cases, companies operating in the cryptocurrency space, including cryptocurrency exchanges, should follow this development to assess any possible impact on their businesses.
Illinois BIPA jury verdict highlights rising prominence of class actions based on state privacy statutes
Following a week-long trial, a jury in Illinois awarded a plaintiff class of truck drivers a $228 million verdict against BNSF Railways for violations of the Illinois Biometric Information Privacy Act (“BIPA”). The large verdict, arising from the first case to go to trial under the 2008 law, highlights the potential impact of class actions brought under this statute.
Fifth Circuit Applies TransUnion To Conclude Plaintiff Lacked Standing To Assert FDCPA Claims.
The Fifth Circuit reversed a class certification order for claims under the Fair Debt Collection Practices Act (“FDCPA”) because the plaintiff lacked Article III standing. Perez v. McCreary, Veselka, Bragg & Allen, P.C., No. 21-50958, 2022 WL 3355249 (5th Cir. Aug. 15, 2022). The Court held that merely sending a letter to collect a time-barred debt, although a violation of the FDCPA, does not satisfy Article III’s injury-in-fact requirement.
Court dismisses class claims related to cyber vulnerability embargo
After several twist and turns, on July 7th Intel Corp. succeeded in achieving final dismissal of class claims alleging that Intel knew about purported security vulnerabilities in its microprocessors and failed to disclose or mitigate those vulnerabilities. The case, In Re Intel Corp. CPU Marketing, Sales Practices and Products Liability Litigation, 3:18-md-02828, had a long history—a narrowed set of class claims had survived three prior rounds of motions to dismiss. Had the claims been allowed to go forward a fourth time, businesses may have faced additional liability concerns for attempting to address cyber vulnerabilities in their products before those exploits became public and susceptible to exploitation by hackers.
Continue Reading Court dismisses class claims related to cyber vulnerability embargo
Litigation Between FinTech Companies Follows Class Action Over Cryptocurrency Theft
This past week, co-defendants in a class action related to the theft of cryptocurrency engaged in their own lawsuit over alleged security failures. IRA Financial Trust, a retirement account provider offering crypto-assets, sued class action co-defendant Gemini Trust Company, LLC, a crypto-asset exchange owned by the Winklevoss twins, following a breach of IRA customer accounts. IRA claims that Gemini failed to secure a “master key” to IRA’s accounts, and that hackers were able to exploit this alleged security flaw to steal tens of millions of dollars of cryptocurrency. This lawsuit demonstrates the growing trend of cryptocurrency thefts resulting from cyber breaches, and ensuing litigation activity.
Continue Reading Litigation Between FinTech Companies Follows Class Action Over Cryptocurrency Theft
Companies Increasingly Facing Class Actions Connected to Cryptocurrency Theft
A recent class action refiled in federal court against Shopify highlights a growing trend of lawsuits against companies related to the theft of cryptocurrency, particularly as a result of internal company threats. See Forsberg et al v. Shopify, Inc. et al, 1:22-cv-00436 (D. Del.). Despite not itself being a repository for or facilitating the sale of any cryptocurrency, the plaintiffs in the Shopify case allege that Shopify is liable for a theft of cryptocurrency after Shopify experienced a data breach caused by its own employees, which exposed a customer list for a cryptocurrency hardware wallet vendor, Ledger SAS. As cryptocurrency storage and related transactions increasingly feature in companies’ online presence, there is likely to be a growing risk posed by threat actors motivated to target crypto-related assets and data, and more litigation activity in this space.
Continue Reading Companies Increasingly Facing Class Actions Connected to Cryptocurrency Theft