Tag Archives: class action

Illinois Supreme Court: Sections 15(b) and 15(d) BIPA Claims Accrue with Each Scan or Transmission

By Joel Griswold, Bonnie Keane DelGobbo and Amy L. Lenz on February 17, 2023 Posted in Data Privacy

Today the Illinois Supreme Court issued a decision in Cothron v. White Castle System, Inc. 2023 IL 128004, in which the court held that the statute of limitations accrues with each scan or transmission of biometric identifiers or biometric information for claims arising under Sections 15(b) and 15(d) of the Illinois Biometric Information Privacy Act, … Continue Reading

Welcome Partner Ed McAndrew to the DADM Group

By Theodore J. Kobus III on July 11, 2022 Posted in Cybersecurity, Privacy Class Actions

We are excited to welcome new partner Ed McAndrew to our Digital Assets and Data Management Group! Ed joins our Privacy and Digital Risk Class Action and Litigation and Digital Risk Advisory and Cybersecurity teams, and will work out of our Philadelphia and Wilmington, Delaware offices. A former federal cybercrime prosecutor, Ed served as a … Continue Reading

Aetna Agrees to Pay $17 Million and Implement Best-Practices Policy to Settle Claims of HIV-related Privacy Violations

By Brian P. Bartish and Laura E. Jehl on January 25, 2018 Posted in Data Breaches, HIPAA/HITECH, Privacy Class Actions

Last week, Aetna agreed to resolve class action claims of privacy violations related to the disclosure of thousands of members’ HIV status. The agreement will require the insurance giant to pay over $17 million into a settlement fund, the majority of which will be distributed to members of the affected class and to develop and … Continue Reading

Privacy Class Action – Theories of Liability – 2013 Year in Review

By Erica Gann Kitaev on January 14, 2014 Posted in Privacy Class Actions

Authors: Erica Gann Kitaev and Paul Karlsgodt One hot area of data privacy litigation over the past several years has been data breach class actions brought under the California Confidentiality of Medical Information Act (“CMIA”),[1] which provides that a person may recover $1,000 “nominal” damages against a healthcare provider who has negligently “released” the person’s … Continue Reading

Class Action – Damages and Class Treatment – 2013 Year in Review

By Erica Gann Kitaev on January 9, 2014 Posted in Privacy Class Actions

Authors: Erica Gann Kitaev and Paul Karlsgodt In 2013, theories of injury and damages revealed themselves to be deciding factors at the class certification stage of litigation and whether plaintiffs are able to prove damages on a class-wide basis. Even in those cases where some members of the proposed class can show that they suffered injury, … Continue Reading

Privacy Class Action – Article III Standing – 2013 Outlook

By Erica Gann Kitaev on January 7, 2014 Posted in Privacy Class Actions

Authors: Erica Gann Kitaev and Paul Karlsgodt For a number of years, the key issue in data privacy class actions has been whether plaintiffs could allege damages sufficient for standing purposes or to state a claim for relief. Several key decisions addressed the issue in 2013. In addition, in 2013, theories of injury and damages … Continue Reading

Another Blow to Data Breach Class Actions: Bell, et al. v. Blizzard Entertainment, Inc.

By Carrie Dettmer Slye on July 29, 2013 Posted in Privacy Class Actions

Editor’s Note: This post is a joint submission with BakerHostetler’s Class Action Lawsuit Defense blog. On July 11, 2013, the U.S. District Court for the Central District of California dismissed a majority of the claims brought against Blizzard Entertainment, Inc. after a data breach suffered by Blizzard in 2012. In granting the motion for judgment … Continue Reading

Court Denies Motion for Class Certification in Hannaford

By Erica Gann Kitaev on April 4, 2013 Posted in Data Breaches

Editor’s note: This is a cross-blog post with BakerHostetler’s Class Action Lawsuit Defense blog. For the latest class action defense updates, visit www.ClassActionLawsuitDefense.com. In an order surely to reverberate with both the plaintiffs’ and defense bar, on March 20, 2013, Judge D. Brock Hornby of the United States District Court for the District of Maine … Continue Reading

South Korea Court Opens the Door for Unintentional Data Breach Collective Actions

By Erica Gann Kitaev on March 2, 2013 Posted in Data Breaches, International Privacy Law, Privacy Class Actions, Privacy Litigation

Authorship Credit: Nathan A. Schacht This is a cross blog post with BakerHostetler’s class action blog. For the latest in class action developments, visit classactionlawsuitdefense.com. On February 15, 2013, the Seoul Western District Court in South Korea issued a judgment in a collective consumer action against a South Korean company for a data breach involving … Continue Reading

DPPA Does Not Prohibit Bulk Obtainment of Motor Vehicle Records

By Erica Gann Kitaev on May 7, 2012 Posted in Privacy Litigation

The Sixth Circuit Court of Appeals has upheld the dismissal of a purported class action lawsuit brought under the federal Driver’s Privacy Protection Act, 18 U.S.C. § 2127, et. seq. (“DPPA”). Plaintiffs’ claims in Wiles v. Ascom Transport System, Inc., Case No. 11-5342, were based on the bulk obtainment of personal information from Kentucky motor … Continue Reading

RockYou Proposed Settlement Would Leave Decision Standing

By Craig A. Hoffman on November 21, 2011 Posted in Data Breaches, Privacy Litigation

The parties in the Claridge v. RockYou case submitted a proposed settlement agreement to the court for approval on November 14, 2011. This case, which was filed shortly after RockYou disclosed a breach that compromised 32 million log-in credentials, received national attention in the spring. In April 2011, the California federal district court declined to … Continue Reading

Does the First Circuit’s Decision in Hannaford Signal a Changing Tide?

By Theodore J. Kobus III on October 24, 2011 Posted in Data Breaches, Payment Card Industry

Until last week, most of us thought that the Hannaford Brothers data breach litigation was just another example of how Plaintiffs are not able to recover in class action lawsuits without proof of actual harm. The Hannaford Brothers supermarket chain suffered a data breach between December, 2007 and March, 2008 where hackers accessed over 4M … Continue Reading

California Retailers Who Collect Zip Codes In Credit Card Transactions May Now Face Class Action Lawsuits

By Craig A. Hoffman on February 17, 2011 Posted in Information Security, Payment Card Industry

On February 10, 2011, the California Supreme Court issued a decision in Pineda v. Williams-Sonoma (.pdf), finding that a ZIP code constitutes “personal identification information” under California’s Song-Beverly Credit Card Act of 1971 (the “Song-Beverly Act”). The Song-Beverly Act prohibits retailers from requesting and recording “personal identification information” as a condition of a credit card transaction. … Continue Reading

If There is Credit Card Fraud, There Must Have Been a Breach

By Craig A. Hoffman on December 10, 2010 Posted in Data Breaches, Payment Card Industry, Privacy Litigation

U.S. Bank removed a putative class action complaint filed by an online merchant named Paintball Punks to U.S. District Court in Minneapolis on December 6. The complaint (Paintball v USBank.pdf) alleges that Paintball Punks suffered chargeback losses of $11,259.91 from nine transactions that were fraudulently billed to U.S. Bank-issued credit cards as a result of U.S. Bank’s failure to “remedy known … Continue Reading