On February 14, 2022, Noom Inc., a popular weight loss and fitness app, agreed to pay $56 million, and provide an additional $6 million in subscription credits to settle a putative class action in New York federal court.
Continue Reading Fitness App Agrees to Pay $56 Million to Settle Class Action Alleging Dark Pattern Practices
Litigation
Texas AG Sues Meta Over Collection and Use of Biometric Data
Posted on
On February 14, 2022, Texas Attorney General Ken Paxton brought suit against Meta over the company’s collection and use of biometric data. The suit alleges that Meta collected and used Texans’ facial geometry data in violation of the Texas Capture or Use of Biometric Identifier Act and the Texas Deceptive Trade Practices Act. …
Continue Reading Texas AG Sues Meta Over Collection and Use of Biometric Data
Attorneys General to Increase Enforcement Efforts on “Dark Patterns”
Posted on
Posted in Online Privacy
On January 24, 2022, a group of state attorneys general announced their commitment to ramp up enforcement work on “dark patterns” that are used to ascertain consumers’ location data.
Continue Reading Attorneys General to Increase Enforcement Efforts on “Dark Patterns”
Lloyd Court Says No to Class Action-Style Lawsuits in the UK
Posted on
Posted in Enforcement, International
On November 10, 2021, the UK Supreme Court issued its long-awaited judgment in the Lloyd v Google case. The decision is expected to make it difficult in practice for a future class action lawsuit that is brought on behalf of a class of individuals who have not actively opted in to being represented by the lead claimant to proceed under UK law.
Continue Reading Lloyd Court Says No to Class Action-Style Lawsuits in the UK
Illinois Biometric Law Limitation Period Clarified by Illinois Court
Posted on
Posted in U.S. State Law
On September 17, 2021, in Tims v. Black Horse Carriers Inc., Ill. App. Ct., 1st Dist., No. 1-20-563, the Illinois Appellate Court, in a case of first impression at the appellate level, addressed the statute of limitations under the state’s Biometric Information Privacy Act, holding that a five-year period applies to BIPA claims that allege the failure to (1) provide notice of the collection of biometric data, (2) take care in storing or transmitting biometric data, or (3) develop a publicly-available retention and destruction schedule for biometric data.
Continue Reading Illinois Biometric Law Limitation Period Clarified by Illinois Court
Quebec Enacts a New Privacy Law
Posted on
Posted in International
On September 22, 2021, the Canadian province of Quebec enacted a new privacy law, which will impose obligations beyond what is currently required under Canada’s federal privacy law. Most of the new law’s requirements will take effect in September 2023, but some will take effect earlier (in 2022) or later (2024).
Continue Reading Quebec Enacts a New Privacy Law
UK High Court Dismisses Claims Following DSG Data Breach
Posted on
On July 30, 2021, the UK High Court handed down its judgment in the case of Warren v DSG Retail Ltd [2021] EWHC 2168 (QB), determining that the claimant could not seek damages on the basis of misuse of personal information, breach of confidence or common law negligence following a data breach.
Continue Reading UK High Court Dismisses Claims Following DSG Data Breach
Zoom Agrees to Pay $85M to Settle Class Action
Posted on
On July 31, 2021, Zoom Video Communications, Inc. agreed to pay $85 million to settle a class action suit that alleged the Company violated users’ privacy rights. The proposed settlement must be approved by U.S. District Judge Lucy Koh.
Continue Reading Zoom Agrees to Pay $85M to Settle Class Action
Another Court Deems Forensic Investigation Report Not Privileged
Posted on
Posted in Information Security, Security Breach
On July 22, 2021, a Magistrate Judge in the U.S. District Court for the Middle District of Pennsylvania ordered Rutter’s to produce an investigative report prepared by a security consultant regarding a suspected data breach event, as well as all communications between the party and the company performing the investigation.
Continue Reading Another Court Deems Forensic Investigation Report Not Privileged
British Airways Settles UK Breach Class Action
Posted on
On July 6, 2021, it was reported that British Airways had settled a UK class action lawsuit relating to its 2018 data breach, in which approximately 430,000 data subjects were affected.
Continue Reading British Airways Settles UK Breach Class Action