Data Privacy and Cybersecurity

A California federal judge has denied class certification in a data privacy lawsuit against Yodlee, Inc., finding that the proposed class representatives lacked Article III standing and failed to satisfy Rule 23’s typicality and adequacy requirements.  Covington represents Yodlee in this action.  Clark v. Yodlee, No. 20-cv-05991-SK (N.D. Cal.)

Continue Reading California Federal Court Denies Class Certification in Data Privacy Case

The California Invasion of Privacy Act (CIPA) provides a private right of action only to those who have “been injured by a violation of” CIPA.  A California Superior Court decision, Rodriguez v. Fountain9, Inc., 2024 WL 3886811, at *4 (Cal. Super. July 9, 2024), confirmed that a plaintiff cannot satisfy this statutory standing requirement unless the plaintiff alleges “a concrete injury-in-fact.”Continue Reading California State Court Holds That A Concrete Injury-In-Fact Is Required To Bring Claims Under CIPA

A Central District of California court recently dismissed a putative privacy class action after determining that the movie theater defendants were not Video Tape Service Providers as defined by the Video Privacy Protection Act (“VPPA”).  See Walsh v. California Cinema Investments LLC, 2024 WL 3593569 (C.D. Cal. July 29, 2024).  Two other California federal courts recently have reached similar conclusions, and appeals of those rulings are currently pending before the Ninth Circuit.  See Garza v. Alamo Intermediate II Holdings, LLC, 2024 WL 1171737, at *1 (N.D. Cal. Mar. 19, 2024); Osheske v. Silver Cinemas Acquisition Co., 700 F. Supp. 3d 921 (C.D. Cal. 2023).Continue Reading Another California Federal Court Rules Movie Theater Is Not “Video Tape Service Provider” Under the VPPA.

On August 6, 2024, Judge Jorge L. Alonso of the Northern District of Illinois issued an order dismissing Brantley v. Prisma Labs, Inc., a proposed class action suit against the creator of the “Magic Avatar” AI app for lack of standing and lack of personal jurisdiction over the representative plaintiff Tyrone Brantley.Continue Reading Judge Makes Class Action Claims Against “Magic Avatar” AI App Disappear

Delivering a significant win for businesses hit with website wiretapping lawsuits, a California federal judge granted a defendant’s motion for summary judgment under the California Invasion of Privacy Act (“CIPA”) in Gutierrez v. Converse Inc., 2024 WL 3511648 (C.D. Cal. Jul. 12, 2024). 

The website tool at issue in this case, like hundreds of other cases, was a third-party-enabled chat feature that businesses install on their websites to connect customers with live customer service agents.  Plaintiff Nora Gutierrez alleged that she visited Defendant Converse’s website with this chat feature installed, and that the chat provider stored her chat communications with Converse’s customer service agents on its servers.  Gutierrez characterized this practice as “wiretapping” and she asserted a claim against Converse for aiding and abetting the alleged wiretapping in violation of the first and second clause of CIPA section 631(a).Continue Reading California Federal Court Grants Summary Judgment to Defendant in CIPA Website Wiretapping Case

Earlier this summer we reported that federal courts of appeals are more closely scrutinizing class action settlements that award class counsel outsized sums not reflecting counsels’ time spent on the litigation.  Last week, the Eighth Circuit joined the trend by reversing an attorneys’ fee award of almost $80 million in a “megafund” case that “had barely gotten off the ground before it settled.”  In re T-Mobile Customer Data Sec. Breach Litig., — F.4th —, 2024 WL 3561874, at *1 (8th Cir. July 29, 2024).Continue Reading Eighth Circuit Reverses “Windfall” Fee Award to Class Counsel

On August 2, 2024, Illinois’ governor signed into law S.B. 2979, a significant amendment to the Illinois Biometric Information Privacy Act (BIPA). The bill states that an entity that, in more than one instance, obtains the same biometric identifier or biometric information from the same person using the same method of collection, in violation of BIPA’s notice and consent requirement has committed a single violation. As a result, each aggrieved person is entitled to, at most, one recovery for a single collective violation.Continue Reading Illinois Enacts BIPA Amendment Limiting Violation Accrual

Hundreds of lawsuits have accused businesses of using website analytics tools to “wiretap” their customers’ interactions with their website, but these lawsuits often overlook a basic pleading requirement of any wiretapping claim: the collection of a “communication.”  A California federal judge last week added teeth to this requirement, dismissing a wiretapping lawsuit filed against Great Wolf Resorts, Inc. (“Great Wolf”) because the plaintiff failed to plead what “communication” she had with the Great Wolf website in the first place.  See Augustine v. Great Wolf Resorts, Inc., 2024 WL 3450967 (S.D. Cal. July 18, 2024).Continue Reading California Federal Court Puts Teeth Behind “Communication” Element of Website Wiretapping Claims

A recent Seventh Circuit decision, Wallrich v. Samsung Elecs. Am., Inc., — F.4th —-, 2024 WL 3249646 (7th Cir. July 1, 2024), will be of interest to companies facing mass arbitration demands.Continue Reading Seventh Circuit Reverses Order Compelling Payment of Mass Arbitration Fees

Earlier this year, we covered the dismissal of a putative class action asserting Video Privacy Protection Act (VPPA) claims against the operators of a Texas Longhorns email newsletter. A judge in the Western District of Texas has now dismissed those claims, along with a newly asserted Wiretap Act claim, with prejudice. See Brown v. Learfield Commc’ns, LLC, 2024 WL 1477636 (W.D. Tex. June 27, 2024).  Continue Reading District Court Again Rejects VPPA, Wiretap Claims Against University Newsletter Service