This past August, Dave & Buster’s, the restaurant-cum-arcade chain, was sued in California state court for allegedly violating the cash-out provision of California’s gift-card law.[FN1] Under California’s law, a gift-card issuer must allow the holder of a card worth less than $10 to redeem it for cash upon request.[FN2] In the suit, plaintiff alleges that … Continue Reading
A purported class action lawsuit was recently filed against meal-delivery service Blue Apron based on its alleged failure to satisfy the requirements of California’s law regulating automatic-renewal provisions in consumer contracts (Cal. Bus. & Prof. Code § 17600 et seq.). The case, C.D. Cal. No. 2:15-cv-05521, was filed in June 2015 and removed to federal … Continue Reading
Recently, the American Arbitration Association (AAA) updated its Consumer Arbitration Rules to require pre-registration of consumer arbitration clauses and the payment of an annual fee for the ability to use its arbitration service. Now may be a good time to review your company’s arbitration clause if it currently provides for AAA arbitration of consumer disputes. Why Review … Continue Reading
Just last week, the United States Supreme Court provided much-needed clarification on the issue of who has standing to bring a false advertising claim under the Lanham Act, 15 U.S.C. § 1152(a). The decision, Lexmark Int’l v. Static control Components, US Supreme Court slip opinion (March 25, 2014), provides a national standard that remedies a three-way … Continue Reading
On March 6, 2014, the Department of Justice (“DOJ”) issued a press release announcing a proposed consent decree against H&R Block to resolve claims that the H&R Block website, mobile applications, and online tax preparation products were not appropriately accessible to the disabled. DOJ alleged that failing to make these online services accessible to the … Continue Reading
California and 14 other states plus the District of Columbia have laws that restrict the collection of personal information at the point of sale when payment is by credit card. Unfortunately for retailers, the scope of prohibited conduct under these laws is not always clear. Complicating matters further, these laws were generally enacted in the … Continue Reading
In the first case of its kind (that I am aware of), the California Attorney General’s office filed a complaint against the Kaiser Foundation Health Plan, Inc. (“Kaiser”) alleging a violation of California’s “unfair competition law” (Business and Professions Code sections 17200-17210) arising out of a personal information security breach and delayed notification. This lawsuit … Continue Reading
California has a statute (California Code of Civil Procedure §425.16) that allows a court to strike any cause of action brought against a defendant who was acting in furtherance of his or her constitutional free speech right, unless the plaintiff can show a probability of prevailing on the merits of the cause of action. This … Continue Reading
“Because we know when we add up all those inches…that’s the difference between winning and losing” – Al Pacino, Any Given Sunday Last week, the Ninth Circuit handed down rulings in two cases that have held the interest of sports fans, gamers, and IP lawyers for four years: In re: NCAA Student-Athlete Name & Likeness … Continue Reading
InfoLawGroup Counsel Andrew L. Hoffman contributed to this post. In a case of first impression in the Eleventh Circuit, the Court ruled in a 2-1 opinion that the plaintiffs in a putative class action had sufficiently alleged liability against a health plan provider for a data breach involving actual identity theft. The Court’s opinion, decided … Continue Reading
A recent dismissal of a plaintiff’s class action involving text messages sent to confirm the consumer has opted out should be welcome news to companies that engage in text message marketing. Currently, the Mobile Marketing Association Guidelines require companies to send a single, final text message confirming the consumer has opted out when a “STOP” … Continue Reading
The U.S. District Court for the Southern District of California recently granted class certification in a Song-Beverly Credit Card Act case, refusing to exclude from the class individuals who joined the retailer's rewards program months after the alleged Song-Beverly violation. See Yeoman v. IKEA U.S. West, Inc., No. 11CV701, 2012 WL 1598051 (S.D. Cal. May 4, 2012). The Court's discussion suggests that a retailer may also face Song-Beverly liability even if it requests personal information at the register that it already holds by virtue of the customer's membership in its rewards program.
… Continue Reading
What do pharmaceutical and data mining companies have in common with the video game industry? For starters, both recently prevailed in front of the U.S. Supreme Court when they challenged state legislation on First Amendment grounds. By a 6-3 vote on June 23, 2011, the Court struck down a Vermont statute that prohibited pharmacies and … Continue Reading
InfoLawGroup Senior Counsel and former computer programmer, Rich Santalesa, has analyzed the recent $5 million verdict against Google in the ongoing Bedrock Computer Technologies, LLC v. Google et al. patent litigation, which has focused on various alleged infringement arising from uses by Free and Open-Source Software (FOSS) within the Linux kernel. The litigation is far … Continue Reading
Bloomberg reports that MySpace has been sued in Federal District Court in New York. You can get a copy of the complaint HERE. This adds to the growing list of privacy-related lawsuits that have been filed over the past few months. … Continue Reading
The California Supreme Court ruled Thursday, in Pineda v. Williams-Sonoma, that zip codes are "personal identification information" for purposes of California's Song-Beverly Credit Card Act, California Civil Code section 1747.08. Really.
… Continue Reading
InfoLawGroup recently discovered a new data breach case, one of the first that we are aware of in the United States, that dives deep into the issue of whether a common law duty exists to safeguard personal information. In Cooney, et. al v. Chicago Public Schools, et. al¸ an Illinois appellate court actually rendered a decision holding that no such duty exists under Illinois law. In this blogpost we take a closer look at the court's rationale for dismissing the plaintiffs' negligence claim, as well as the other interesting holdings of the court.
… Continue Reading
Scott Blackmer provides a "discovery" checklist for global enterprises handling personal data from multiple jurisdictions, as well as advice on a global approach to privacy compliance and risk management.
… Continue Reading
The Maine Supreme Court has rendered its opinion on the "damages" issue in the Hannaford Bros. consumer security breach lawsuit. Again, the plaintiffs have been unable to establish that they suffered any harm as a result of the Hannaford security breach. Specifically, the Court ruled that "time and effort" alone spent to avoid or remediate reasonably foreseeable harm do not constitute "a cognizable injury for which damages may be recovered." In this blogpost we take a closer look at the Court's rationale.
… Continue Reading
As we reported in January, a handful of issuing banks had filed suit against two merchant banks (Heartland Bank and Keybank) for alleged losses (e.g. reissuance and fraud costs) they suffered due to the 2009 Heartland Payment Systems breach. The general thrust of the class action compliant is that the merchant banks should be liable … Continue Reading
What does workplace privacy have to do with the cloud? Everything. On Tuesday, the New Jersey Supreme Court issued its opinion in Stengart v. LovingCare Agency, Inc., --- A.2d ----, 2010 WL 1189458 (N.J. March 30, 2010), and came out on the side of protecting employee privacy and the attorney-client privilege in personal Yahoo! webmail (a cloud service) even though the employee used a company computer. While everyone has been busy writing about the implications of LovingCare for company policies governing employee expectations of privacy (and for good reason), few have stopped to note that LovingCare is a cloud case. LovingCare is one of only a few published opinions addressing the difficult issues surrounding employee use of webmail and other cloud services on company computers where the attorney-client privilege is at stake, and the impact of the LovingCare decision will undoubtedly be felt for years to come by nearly every employer across the country, both in crafting policies for employee use of company computer systems and in conducting discovery in nearly every employment-related litigation. The machine may be the employer's, but, in the post-LovingCare world, the data may be the employee's - at least where the cloud and the attorney-client privilege are involved. You can read my detailed case analysis in this post.
… Continue Reading
Read all about it here. Note, analyst Avivah Litan of Gartner indicated the "this seems like a very fair settlement, and it seems like Heartland escaped the tremendous costs that TJX incurred – $139 million plus – despite the fact that Heartland’s breach was more extensive." In reality TJX settled with Visa for $41 million, and … Continue Reading