Case Law & Court Rules

On April 4, 2017, New York Court of Appeals ruled that it does not have authority to hear Facebook’s appeals against motions to quash search warrants issued under the Stored Communications Act (SCA). By way of background. Facebook appealed a September 17, 2013 New York County trial court’s sealed order containing bulk SCA search warrants directing […]

    The Second Circuit affirmed the dismissal of a data breach class action for failing to sufficiently allege an injury to support standing. By way of background. Plaintiff made purchases via credit card at a Michaels store. Later on, Michaels issued a press release saying that there had been a possible data breach of its […]

On February 27, 2017, an Illinois federal court denied Google’s motion to dismiss a claim alleging that Google handles images in violation of the Illinois 2008 Biometric Information Privacy Act (BIPA). In a (putative) class action against Google Photos, plaintiffs alleged that the service collects, stores and uses- without informed consent and in violation of BIPA – the […]

The first filed privacy class law against a law firm was sent to arbitration. On April 15, 2016, Plaintiffs filed the first class action complaint against a law firm for “systematically exposing confidential client information and storing client data without adequate security”. The complaint accuses Johnson & Bell, a mid-sized Chicago firm, of failing to […]

On March 2, 2017, the California Supreme Court held that the electronic communications of a public employee about the conduct of public business may be subject to disclosure under the California Public Records Act (“CPRA”) even if the employee used a personal account. The court considered how the law, originally designed to cover paper documents, […]

On February 23, 2017, the Garante per la Protezione dei Dati Personali, the Italian Data Protection Authority (DPA), ordered a mother to delete from her Facebook feed posts containing two  judgments that include private aspects of her family’s life and most of all her daughter’s life. The DPA noted that the posted judgments allowed the identification of the […]

Amazon agreed to release information after prosecutors subpoenaed the information collected through digital assistant Amazon Echo, which answers to the name Alexa. More information is available at http://www.abajournal.com…     Follow us on& Like us on      

On January 30, 2017, the Federal Court of Canada found Globe24h.com, a Romanian based website and its sole owner and operator, in violation of the Personal Information Protection and Electronic Documents Act (PIPEDA). By way of background, the Romanian based website indexed and reposted Canadian court and tribunal decisions that were also available on Canadian legal […]

On March 8, 2017, Home Depot Inc. (Home Depot) reached an agreement that, if approved, will bring the putative class action, brought by certain financial institutions impacted by the company’s 2014 data breach, to an end. In September 2014, Home Depot announced that its payment data systems had been breached. See here. Investigation revealed hackers placed […]

On October 19, 2016, the European Court of Justice (“ECJ”) presented its conclusions in Patrick Breyer v. Bundesrepublik Deutschland (case C‑582/14). According to the ECJ The dynamic internet protocol address of a visitor constitutes personal data, with respect to the operator of the website, if that operator has the legal means allowing it to identify […]