On July 30, 2021, the UK High Court handed down its judgment in the case of Warren v DSG Retail Ltd [2021] EWHC 2168 (QB), determining that the claimant could not seek damages on the basis of misuse of personal information, breach of confidence or common law negligence following a data breach.
Continue Reading UK High Court Dismisses Claims Following DSG Data Breach

On July 22, 2021, a Magistrate Judge in the U.S. District Court for the Middle District of Pennsylvania ordered Rutter’s to produce an investigative report prepared by a security consultant regarding a suspected data breach event, as well as all communications between the party and the company performing the investigation.
Continue Reading Another Court Deems Forensic Investigation Report Not Privileged

On June 25, 2021, the U.S. Supreme Court in TransUnion LLC v. Ramirez held in a 5-4 decision that certain members of a class action lawsuit, whose inaccurate credit reports were not provided to third parties, did not suffer a “concrete” injury sufficient to confer Article III standing.
Continue Reading Spokeo 2.0 – The Supreme Court Provides Clarity on the “Injury” Necessary to Bring Suit

On May 25, 2021, the Grand Chamber of the European Court of Human Rights handed down its judgement in the case of Big Brother Watch and Others v. the United Kingdom, determining that the former surveillance regime in the UK violated Article 8 of the European Convention on Human Rights (i.e., the right to respect for private and family life).
Continue Reading European Court of Human Rights Says Bulk Interception Is Not a Violation of Human Rights

As reported on the Hunton Retail Law Blog, the U.S. Court of Appeals for the Second Circuit has affirmed the dismissal on Article III standing grounds of a data breach class action predicated on an alleged increased risk of identity theft. Notably, the district court that dismissed the action raised the issue of standing sua sponte in advance of a scheduled class settlement fairness hearing.
Continue Reading Second Circuit Affirms Dismissal of Data Breach Class Action on Article III Standing Grounds

As reported on Hunton’s Retail Law Blog, on April 22, 2021, the U.S. Supreme Court unanimously held in a highly-anticipated case, AMG Capital Management, LLC v. FTC, that the Federal Trade Commission cannot seek or obtain equitable monetary relief pursuant to §13(b) of the FTC Act, putting an end to the use of §13(b) as a significant enforcement tool.
Continue Reading Supreme Court Rules FTC Cannot Rely on “Injunction” Provision to Obtain Equitable Monetary Relief

On April 9, 2021, the First-Tier Tribunal of the General Regulatory Chamber stayed proceedings in Ticketmaster UK Limited’s (“Ticketmaster’s”) appeal against a fine issued by the UK Information Commissioner’s Office (“ICO”) until 28 days after a judgment in civil litigation brought by 795 customers against Ticketmaster. The group action, which relates to the breach for which Ticketmaster was fined by the ICO, is currently before the High Court in England. As a result of the stay in proceedings, the appeal likely will not be heard before the Tribunal until mid to late 2023.

Continue Reading Ticketmaster Appeal of ICO Fine Stayed by UK Tribunal Until 2023

On April 1, 2021, California’s Supreme Court ruled unanimously that the state’s prohibition on recording calls without consent applies to parties on the call and not just third-party eavesdroppers. Writing for the Court, Chief Justice Tani G. Cantil-Sakauye wrote that California’s penal code “prohibits parties as well as nonparties from intentionally recording a communication transmitted between a cellular or cordless phone and another device without the consent of all parties to the communication.”
Continue Reading California Supreme Court Requires All-Party Consent to Record Phone Calls