Articles Posted in Privacy Law

Published on:

Google has been sued in the past and is being sued in the future.  The last time, within the USA, this time within the UK.  The accusation is for collecting personal data of millions within the UK and is the first of its kind of massive legal action.  Within the USA, this kind of case is yet to be tested.

People feel that their privacy is invaded when it harvests information by settings on iPhones, through use of cookies which collect information on devices to target advertising that will be received by users.  Apparently, this has been a trend in place since 2011 for persons that choose to implement Safari on their devices.

On what basis will people sue?  The abuse of trust is what people feel most strongly about.  A strong message from the people is being made in asserting that individuals values their rights above any abuse received due to technology giants in the Silicon Valley.  Abuse occurs when rights are violated by a breach of privacy.  Procedural and jurisdictional violations have been made by non-disclosure and this sets up a basis for grounds of the suit. Google plans to still contest on the grounds of no basis.  Some law firms have taken up a similar claim within the USA.  While no precedent has been set in the UK, there has been grounds in the USA.   Google agreed to pay a record $22.5m in a case brought by the US Federal Trade Commission (FTC) on the same issue in 2012.

The record of large civil penalties to settle Federal Trade Commission charges alleged misrepresentation to users of Apple Inc.’s Safari Internet browser that it would not place tracking “cookies” or serve targeted ads to those users, violating an earlier privacy settlement between the company and the FTC. The FTC wanted to ensure that it lived up to the privacy it offered consumers.  The order that was made required Google to disable all tracking cookies and pay a civil penalty.  Continue reading

Published on:

Vendors who share customers’ personal identifying information (name, email address, phone number, zip code, etc.) is a major issue in the world of consumer law today. Vendors (particularly online and mobile vendors) are often tempted to take a customer’s payment information and then sell it to a third party after the transaction has been completed. That third party can then use the customer’s information however they want.

Because of consumers’ numerous complaints about the flagrant mishandling of their personal information, many companies have begun either revealing in their Terms of Service contracts that they might distribute a customer’s personal information, or promising not to reveal their customers’ personal information to a third party, unless it’s required to complete a transaction, or for legal reasons. When given an option between a vendor that sells personal information and a similar vendor that maintains their customers’ privacy, most customers will choose the vendor that respects their privacy.

This issue is at the heart of a recent consumer class action lawsuit filed against Google in California. The company’s Wallet users, who can buy apps through Google Play, agreed to Google’s Terms of Service and privacy policy every time they purchased an app through Google’s Wallet feature. According to the consumer lawsuit, Google’s Terms of Service assure customers their private information will not be shared with any third-party vendors unless it is necessary to do so in order to complete the transaction, or for legal purposes. But the lawsuit alleges that, despite these promises, Google shared the personal information of its Wallet customers with third parties, even after having completed the purchase. Continue reading

Published on:

Violations of the Telephone Consumer Protection Act (TCPA) are subject to a judgment of anywhere from $400 per call to $1,200 per call, depending on whether the court deems the defendant to have been deliberately willful in its violation of consumers’ privacy.

The TCPA was enacted shortly after cell phones became prominent in the market and cell phone users were charged for the calls they received, as well as those they made. To protect consumers from having to pay for promotional calls they didn’t want to receive on their cell phones, legislators came up with the TCPA, which makes it illegal for companies to call consumers on their cell phone in a non-emergency situation, unless the company has received the consumers’ express permission to do so.

According to U.S. District Judge Catherine C. Eagles, Dish Network LLC earned the highest judgment for the promotional calls they had made to consumers using Satellite Systems Network and allegedly failing to properly regulate the calls that company made on Dish’s behalf.

The lawsuit was filed in 2014 by Thomas Krakauer, who claimed he received multiple calls from SSN on Dish’s behalf from 2009 to 2011, despite being on the National Do-Not-Call Registry. Since he filed is class action against those two companies, the North Carolina federal court has certified two more class actions with similar claims of having received telemarketing calls from Dish or SSN between 2010 and 2011.

In Krakauer’s case, the jury found that SSN had placed more than 51,000 promotional phone calls in violation of the TCPA in the relevant time period and awarded damages to the plaintiffs of $400 for each phone call, bringing the total to about $20.5 million.

But Judge Eagles found that treble damages were warranted, since Dish had willfully violated the TCPA by failing to oversee SSN’s telemarketing practices, despite having promised regulators it would do so. Judge Eagles therefore raised the damages to $1,200 per illegal phone call for a total of $61 million. Continue reading

Published on:

Many people have long given up the hope of having any privacy when we’re online. From cookies to tracking search results to targeted advertising, it’s pretty widely accepted that the internet is not a private place, although many users continue to insist internet companies stop tracking our every move.

Back in 2010, Facebook was storing digital cookies on consumers’ internet browsers and using those cookies to track the users’ visits to other sites that contained Facebook’s “like” button (which allows viewers to post a like of the article or website to their Facebook account without leaving the page). The tracking continued even after users had logged out of their Facebook accounts.

Facebook had promised consumers it would delete the cookies, but the company continued to access information on the cookies until 2011, when an independent researcher brought the issue to the attention of the public. At that point, a class of plaintiffs sued Facebook for allegedly violating federal and California state privacy laws by using the cookies. The time period for the lawsuit goes from April 2010, when the company said it had stopped using cookies, to September 2011, when the tech giant actually stopped using the cookies after it had been outed.

Although a lot can change in five years, the plaintiffs are still pursuing their claims against Facebook, having revised their allegations after the judge dismissed their original claims in the fall of 2015. Continue reading

Published on:

As more and more of our personal information ends up online (either through our own actions or someone else’s) we must all be increasingly vigilant about taking the necessary steps to insure our privacy from hackers. Businesses and website hosts need to be especially careful about protecting themselves from liability in the event of a data breach.

Class action lawsuits claiming damages against businesses that allegedly did not take the proper measures to protect against security breaches have been popping up with increasing frequency all over the country, but depending on the case, proving actual damages can be easier said than done.

Most, if not all, banks and credit card companies offer identity theft protection – for a fee. They’ll cover the costs of any unverified charges if your information gets stolen, but only if you pay them a monthly fee. The fee is usually around $5/month, but even that can be prohibitive for low-income consumers. As a result, most plaintiffs suing as a result of a data breach at least sue for the costs of purchasing identity theft protection. Continue reading

Published on:

A recent class action lawsuit filed against Facebook may end up having far-reaching implications for large companies that do business all over the country. The lawsuit has to do with the facial recognition technology the social media company utilizes to allow users to “tag” themselves and each other in photos that get posted on the site.

The named plaintiffs of the class action lawsuit sued Facebook in Illinois for allegedly violating the Illinois Biometric Information Privacy Act (BIPA). The law requires companies using facial-recognition software to inform their customers of the facial-geometry data that is being collected, how long the information is stored for, and how it gets used.

The law also requires companies to get a written release from consumers to authorize the company to collect the data. Negligent violations of BIPA come with statutory damages of $1,000 and $5,000 for violations that are considered to be intentional and reckless. Continue reading

Published on:

It is common for parties involved in a lawsuit, especially a large class action, to settle their legal claims outside of court, instead of pursuing the dispute all the way to a court ruling. But just because one party makes an offer, does not mean the other party is required to accept that offer. Each side will agree to or reject an offer to settle the dispute based on a number of factors, of which the amount of the settlement is just one.

In some cases involving statutory damages, such as allegations of violating the Telephone Consumer Protection Act (TCPA), if a defendant offers to pay the lead plaintiff all actual and statutory damages in full, the plaintiff’s claims are considered null and void, regardless of whether the plaintiff accepts the terms of the settlement. This allows defendants to avoid a large and costly class action lawsuit by paying off the claims of just one plaintiff. But that recently changed with a ruling by the Supreme Court. Continue reading

Published on:

The drastic advances in technology that have happened in recent years make many aspects of modern living much easier, but they have also put certain aspects of our lives at risk that were never at risk before. For example, as people use cash less and less and increasingly rely on their credit cards to pay for their everyday purchases, more and more people have had their credit cards compromised and used to pay for purchases they never authorized. It is now common for credit card companies to offer credit card protection, in which users won’t be made to pay for purchases they did not authorize, but credit card companies usually charge an extra fee for that protection.

Data security is doing its best to keep up with the hackers, but that’s not always possible. Many companies, especially large chains, have suffered data breaches in which hackers illegally gain access to customers’ credit card information. Since it is often very difficult, if not impossible, to locate and prosecute the hackers themselves, the company that suffered the data breach is often faced with a class action lawsuit from customers who had their credit card information exposed as a result of the company’s failure to have the proper protections in place. Continue reading

Published on:


The rulings made by appellate courts can affect many decisions to come in rulings made by lower courts all over the country. In a recent data breach lawsuit against Neiman Marcus, the retailer argued the ruling made by the Seventh Circuit Court could have long-term effects on data breach law if the court failed to change its ruling.

The court denied Neiman Marcus’s appeal and let its initial decision stand.

The consumer lawsuit consists of a proposed class of about 350,000 plaintiffs who allegedly suffered financial damages as a result of a security breach of Neiman Marcus’s systems in 2013. The plaintiffs allege the retailer did not take all necessary precautions in preventing or mitigating a security breach that exposed customers’ payment card details. The data breach lawsuit also alleges Neiman Marcus did not notify its customers of the data breach in a timely manner, once the security attack had happened. Continue reading

Published on:

Data Breach Cases

We are investigating various data breach cases and will bring class actions on behalf of victims of data breaches such as the Target, Ashley Madison, Sony and Home Depot data breaches.

Contact Us if You Are a Victim of the Ashley Madison Data Breach or of Another Data Breach