Skip to Content (Press Enter)

Skip to Nav (Press Enter)


Subscribe to Consumer Finance

Thank you for your desire to subscribe to Severson & Werson’s Consumer Finance Weblog. In order to subscribe, you must provide a valid name and e-mail address. This too will be retained on our server. When you push the “subscribe button”, we will send an electronic mail to the address that you provided asking you to confirm your subscription to our Weblog. By pushing the “subscribe button”, you represent and warrant that you are over the age of 18 years old, are the owner/authorized user of that e-mail address, and are entitled to receive e-mails at that address. Our weblog will retain your name and e-mail address on its server, or the server of its web host. However, we won’t share any of this information with anyone except the Firm’s employees and contractors, except under certain extraordinary circumstances described on our Privacy Policy and (About The Consumer Finance Blog/About the Appellate Tracker Weblog) Page. NOTICE AND AGREEMENT REGARDING E-MAILS AND CALLS/TEXT MESSAGES TO LAND-LINE AND WIRELESS TELEPHONES: By providing your contact information and confirming your subscription in response to the initial e-mail that we send you, you agree to receive e-mail messages from Severson & Werson from time-to-time and understand and agree that such messages are or may be sent by means of automated dialing technology. If you have your email forwarded to other electronic media, including text messages and cellular telephone by way of VoIP, internet, social media, or otherwise, you agree to receive my messages in that way. This may result in charges to you. Your agreement and consent also extend to any other agents, affiliates, or entities to whom our communications are forwarded. You agree that you will notify Severson & Werson in writing if you revoke this agreement and that your revocation will not be effective until you notify Severson & Werson in writing. You understand and agree that you will afford Severson & Werson a reasonable time to unsubscribe you from the website, that the ability to do so depends on Severson & Werson’s press of business and access to the weblog, and that you may still receive one or more emails or communications from weblog until we are able to unsubscribe you.

Judge Davila of the Northern District of California held that the file transfer service was not a "business" under the CCPA and grants defendant's motion to dismiss.  The analysis turns on whether or not defendant determine how or why to process consumer PI. Accellion moves to the dismiss Plaintiffs' CCPA claim on two grounds: (1) Accellion is not a “business”… Read More

On a motion to dismiss, Judge Cormac Carney in the Central District of California discusses whether plaintiff alleged sufficient facts to show that defendant lacked reasonable security procedures for a cause of action under the CCPA: MKS first argues that Plaintiff's CCPA claim must be dismissed because his “threadbare and conclusory” allegations “fail[ ] to allege any facts to support… Read More

Ruling on a motion for class certification, Judge Edward Chen of the Northern District of California, identifies the following relevant facts: Reuters also owns an online platform called CLEAR, which provides access to public and non-public information about American consumers, including Californians. FAC ¶¶ 1–2. Reuters collects surface and deep web data, including from social media, third-party data brokers, law… Read More

In  Garrabrants v. Erhart,  the Court of Appeal addressed privacy rules within the context of a whistleblower's use of purportedly private information of another employee to blow the whistle.  The facts were as follows: Charles Matthew Erhartwasan internal auditor at BofI Federal Bank (BofI) who “blew the whistle” on his employer. Erhart copied, transmitted to multiple regulatory authorities, and subsequently… Read More

In MARILYN HERNANDEZ, individually & on behalf of all others similarly situated, Plaintiff, v. NOOM, INC., Defendant., No. 1:23-CV-00641-JRR, 2023 WL 8934019, at *1–2 (D. Md. Dec. 27, 2023), Judge Rubin found no Article III standing for a wiretapping claim based on a website's capture and recording of users’ electronic interactions with the website. Plaintiff Marilyn Hernandez, individually and on… Read More

IN THE NATIONAL FIRE INSURANCE COMPANY OF HARTFORD & CONTINENTAL INSURANCE COMPANY, Plaintiffs-Appellees, v. VISUAL PAK COMPANY, INC. & LUIS SANCHEZ, Individually & on Behalf of All Others Similarly Situated, Defendants-Appellants., 2023 IL App (1st) 221160, the Court of Appeal found no coverage for a TCPA claim brought against an insured. In this insurance coverage dispute, plaintiffs National Fire Insurance… Read More

In Briskin v. Shopify, Inc., No. 22-15815, 2023 WL 8225346, at *1–3 (9th Cir. Nov. 28, 2023), the Court of Appeals for the 9th Circuit found no jurisdiction over a web-based payment processing platform sued under California's privacy laws. The facts were as follows: The defendants in this case offer a web-based payment processing platform to merchants nationwide. When processing… Read More

In Torres v. [Automobile Finance Company], No. 823CV00688DOCDFM, 2023 WL 5505887, at *5 (C.D. Cal. July 13, 2023), Judge Carter struck class action allegations in a data breach/CCPA case and ordered the Plaintiff's individual matter to arbitration. The facts were as follows: The following facts are drawn from Defendant's Notice of Removal (Dkt. 1), and the Declaration of XXX (“[]Decl.”)… Read More

The Federal Trade Commission has approved an amendment to the Safeguards Rule that would require non-banking institutions to report certain data breaches and other security events to the agency.  The FTC’s Safeguards Rule requires non-banking financial institutions, such as mortgage brokers, motor vehicle dealers, and payday lenders, to develop, implement, and maintain a comprehensive security program to keep their customers’ information… Read More

The FTC's Press Release of October 27 states: The FTC’s Safeguards Rule requires non-banking financial institutions, such as mortgage brokers, motor vehicle dealers, and payday lenders, to develop, implement, and maintain a comprehensive security program to keep their customers’ information safe. In October 2021, the FTC announced it had finalized changes to the Safeguards Rule to strengthen the data security… Read More

In Felicia Durgan, et al., Plaintiffs, v. U-Haul Int'l Inc., Defendant., No. CV-22-01565-PHX-MTL, 2023 WL 7114622, at *6–7 (D. Ariz. Oct. 27, 2023), the Arizona district court allowed a CCPA claim to proceed past the pleadings stage.  The Court found that the Plaintiff had properly pleaded an absence of reasonable policies and procedures under the CCPA. The CCPA provides a… Read More

In Jones v. Ford Motor Co., No. 22-35447, 2023 WL 7097365 (9th Cir. Oct. 27, 2023), the Court of Appeals for the 9th Circuit affirmed dismissal of a privacy class action due to absence of standing.  In Jones, the Owner of a vehicle equipped with “infotainment” system that automatically downloaded, copied, and indefinitely stored the call logs and text messages of… Read More

In Chien v. Bumble Inc., 641 F. Supp. 3d 913, 927–30 (S.D. Cal. 2022), District Court Judge Gonzalo P. Curiel addressed the sufficiency of California contacts for specific personal jurisdiction in a data privacy case that includes a claim for violation of the CCPA. In the context of a nationally accessible website, “something more” than operating a passive website is… Read More

In Bohnak v. Marsh & McLennan Companies, Inc., No. 22-319, 2023 WL 5437558, at *1 (2d Cir. Aug. 24, 2023), the Court of Appeals for the Second Circuit addressed Article III standing requirements and a framework in data breach cases where an individual whose personally identifying information (“PII”) is exposed to unauthorized actors, but has not (yet) been used for… Read More

In In re Marriott Int'l, Inc., No. 22-1744, 2023 WL 5313006, at *6 (4th Cir. Aug. 18, 2023), the Court of Appeals for the 4th Circuit rejected class certification in a data breach case.  First, the Court of Appeals found that addressing the Defendant's contractual class-action waiver defense needed to be done prior to class certification and not after. The… Read More

Judge Larry Alan Burns of the Northern District of California addressed four different arguments on a Motion to Dismiss a CCPA cause of action. Holding No. 1:  allegations that a business failed to utilize alleged industry technology was sufficient to plead a failure to implement and maintain reasonable security measures. [Defendant] argues that the CCPA doesn't impose a duty to… Read More

In People v. Ct. Ventures, Inc., No. G061093, 2023 WL 4673750, at *3–4 (Cal. Ct. App. July 21, 2023), the Court of Appeal in an unpublished decision limited the scope of the CRA to current owners/licensees of PII. Civil Code section 1798.82 provides in relevant part: “(a) A person or business that conducts business in California, and that owns or… Read More

The CFPB issued its Summer 2023 Supervisory Highlights, including a section on security protocols. "The CFPB’s Supervision program evaluates information technology controls at supervised institutions that may impact compliance with Federal consumer financial law or implicate risk to consumers. The CFPB assesses the effectiveness of information technology controls in detecting and preventing data breaches and cyberattacks. For example, inadequate security… Read More

United States District Court Judge Cynthia Bashant, of the Central District of California, ruled on several privacy claims on a motion to dismiss. Addressing injury in fact: "Plaintiff alleges Defendant collected his personal information in violation of the California Constitution and various California statutes. (Am. Compl. ¶ 1.) Among the collected data are his “geolocation, ... communications related to his… Read More

A District Court in Washington dismissed Plaintiffs' claim for statutory damages because they failed to give pre-suit notice under the CCPA.  The Court dismissed the request for statutory damages without prejudice meaning Plaintiffs can give notice (despite the pending action) and then seek to amend and add back in a request for statutory damages. Plaintiffs ... insist that they seek… Read More

1 2 3 8