Privacy

In Calhoun v. Google, LLC, Judge Koh allowed part of a claim against Google to proceed based Google Chrome's sharing of data with Google. Plaintiffs are users of Google’s Chrome browser who allege that they “chose not to ‘Sync’ their [Chrome] browsers with their Google accounts while browsing the web . . . from July 27, 2016 to the present.”… Read More

In Gardiner v. Walmart Judge Koh held that the CCPA was not retroactive. The CCPA went into effect on January 1, 2020, and it does not contain an express retroactivity provision. See Cal. Civ. Code § 1798.198 (providing the CCPA “shall be operative January 1, 2020); see also Cal. Civ. Code § 3 (“[n]o part of [this Code] is retroactive, unless expressly so declared.”). Moreover,… Read More

In In re Marriott Int'l Customer Sec. Breach Litig., No. 19-MD-2879, 2021 U.S. Dist. LEXIS 48477, at *57-68 (D. Md. Mar. 15, 2021), the Court recommended that although the class representative's device could be examined for other malware, the device could not be examined for whether the representative had good cyber-security habits. Marriott's protocol seeks inadmissible evidence and that even… Read More

In Tsao v. Captiva MVP Rest. Partnres, Ltd. Liab. Co., No. 18-14959, 2021 U.S. App. LEXIS 3055 (11th Cir. Feb. 4, 2021), the Court of Appeals for the 11th Circuit held that a data theft victim had no Articile III standing. We begin with Tsao's theory that he has Article III standing because he faces a "substantial risk of identity… Read More

On February 2, 2021, Judge Susan Van Keulen, in the Northern District of California, denied in part and granted in part Defendant's Motion to Dismiss.  Flores-Mendez et al v. Zoosk, Inc. et al. (N.D. CA; 3:20-cv-04929-WHA). Evaluating Article III standing based on Plaintiff's consent to Defendant's online privacy policy and terms of use, the Court held that: [i]f “the contract language… Read More

On January 28, 2021, Judge Alsup, in the Northern District of California, denied in part and granted in part Defendants' Motion to Dismiss.  Flores-Mendez et al v. Zoosk, Inc. et al. (N.D. CA; 3:20-cv-04929-WHA). Zoosk, a dating app, is a subsidiary of Spark.  Spark's principal place of business is in Berlin.  Spark filed a 12(b)(2) motion challenging the Court's personal… Read More

On January 27, 2021, Assembly Member Boerner Horvath introduced AB 335 - California Consumer Privacy Act of 2018: vessel information. "Existing law, the California Consumer Privacy Act of 2018, grants a consumer various rights with regard to personal information relating to that consumer that is held by a business, including the right to direct a business not to sell, as… Read More

On January 12, 2021, Judge David O. Carter granted Marriott’s Motion to Dismiss and dismissed the case, including Plaintiffs’ CCPA claim based on lack of standing.  Rahman v. Marriott International, Inc., et al.  (C.D. CA; 8:20-cv-00654), here, “Plaintiff alleges that class members were victims of a cybersecurity breach at Marriott when two employees of a Marriott franchise in Russia accessed… Read More

In Wengui v. Clark Hill, Civil Action No. 19-3195 (JEB), 2021 U.S. Dist. LEXIS 5395 (D.D.C. Jan. 12, 2021), Judge B0asberg ordered production of internal investigation reports regarding a cybersecurity breach, which were not protected by the attorney client or work product privileges. Malicious cyberattacks have unfortunately become a routine part of our modern digital world. So have the lawsuits… Read More

In I.C. v. Zynga Inc., No. 20-cv-01539-YGR, 2021 U.S. Dist. LEXIS 2227 (N.D. Cal. Jan. 6, 2021), Judge Rogers held that the defendant was entitled to limited discovery from the class representatives to obtain information to bring a proper Petition to Compel Arbitration. Currently pending in each of the captioned cases is defendant Zynga Inc.'s motion to compel arbitration or, in… Read More