Class Certification

2023 was another busy year in the realm of data event and cybersecurity litigations, with several noteworthy developments in the realm of disputes and regulator activity.  Privacy World has been tracking these developments throughout the year.  Read on for key trends and what to expect going into the 2024.

Growth in Data Events Leads to Accompanying Increase in Claims

The number of reportable data events in the U.S. in 2023 reached an all-time high, surpassing the prior record set in 2021.  At bottom, threat actors continued to target entities across industries, with litigation frequently following disclosure of data events.  On the dispute front, 2023 saw several notable cybersecurity consumer class actions concerning the alleged unauthorized disclosure of sensitive personal information, including healthcare, genetic, and banking information.  Large putative class actions in these areas included, among others, lawsuits against the hospital system HCA Healthcare (estimated 11 million individuals involved in the underlying data event), DNA testing provider 23andMe (estimated 6.9 million individuals involved in the underlying data event), and mortgage business Mr. Cooper (estimated 14.6 million individuals involved in the underlying data event). Continue Reading 2023 Cybersecurity Year In Review

2022 was another year of high activity and significant developments in the realm of artificial intelligence (“AI”) and biometric privacy related matters, including in regard to issues arising under the Illinois Biometric Information Privacy Act (“BIPA”) and others.  This continues to be one of the most frequently litigated areas of privacy law, with several notable rulings and emerging patterns of new activity by the plaintiffs’ bar.  Following up on Privacy World’s Q2 and Q3 2022 Artificial Intelligence & Biometric Privacy Quarterly Newsletters, be sure to read on for a recap of key developments and insight as to where 2023 may be headed.
Continue Reading Privacy World 2022 Year in Review: Biometrics and AI

CPW’s Kristin Bryan, a 2022 Law360 Privacy & Cybersecurity MVP as well as a featured subject matter expert for LexisNexisChristina Lamoureux, and Margaret Booz have co-authored a new chapter of Lexis Practical Guidance titled “Biometric Privacy and Artificial Intelligence Legal Developments.” In this practice note, they explore emerging legal issues concerning the collection, use, and disclosure of biometric data and artificial intelligence (AI). This includes a discussion of the legal regimes often implicated in lawsuit trends that are likely a harbinger of future litigation, recent developments concerning Article III standing, damages, and class certification and settlement, among other considerations.
Continue Reading Available Now: CPW’s Kristin Bryan, Christina Lamoureux, and Margaret Booz Co-Author Lexis Practice Note on Biometric Privacy and Artificial Intelligence Legal Developments

Join CPW’s Kristin Bryan as she discusses practical solutions for corporate counsel to mitigate potential cybersecurity class action risks during the upcoming Strafford webinar, “Mitigating Cybersecurity Class Action Litigation Risks,” on Thursday, November 10, 1:00pm-2:30pm EST. 
Continue Reading Webinar Registration Open: Mitigating Cybersecurity Class Action Litigation Risks: Policies, Procedures, Service Providers, Notification, Damages

CPW’s Kristin Bryan, a 2022 Law360 Privacy & Cybersecurity MVP as well as a featured subject matter expert for LexisNexis, Jesse Taylor and Shing Tse teamed up to co-author a chapter of the Lexis Practical Guidance titled “Privacy, Cybersecurity and Data Breach Litigation: Key Laws and Considerations. In this practice

In a record-setting proposed settlement filed last week, T-Mobile has agreed to pay $350 million and boost its data security by $150 million over the next two years to resolve multidistrict litigation brought by T-Mobile customers whose data was allegedly exposed in a 2021 data breach.  Read on for the terms of the settlement, which may serve as a model in other high stakes data security cases going forward.

Recall that in August 2021, T-Mobile disclosed that it had been the victim of a cyberattack that resulted in the compromise of some current, former and prospective customers’ SSN, name, address, date of birth and driver’s license/ID information the “Data Event”).  By T-Mobile’s account, no “customer financial information, credit card information, debit or other payment information” was exposed in the attack.  Nevertheless, over 40 putative class action claims were filed seeking damages for the improper disclosure of Plaintiffs’ personal information.  In December 2021, the Judicial Panel on Multidistrict Litigation transferred and centralized the putative class actions into the MDL standing before the Western District of Missouri.Continue Reading T-Mobile Agrees in MDL to Record Setting $350 Million Data Breach Settlement to Resolve CCPA and Other Privacy Claims

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Online Safety in Digital Markets Needs a Joined Up Approach with Competition Law in the UK

China’s Didi Fined

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Federal Court Dismisses Colonial Pipeline Cybersecurity Litigation

Federal Court Refuses to Dismiss Biometric Claims Brought by Trucker Against Facial

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

CPW’s Stephanie Faber Speaks at French Association of Personal Data Protection Correspondents Annual Meeting

Future Uncertain for the American

This week Plaintiffs in thirteen consolidated cases brought against Accellion and other defendants filed a motion for preliminary approval of a class action settlement in California federal court.  This development is notable for its resolution (if approved) only as to Accellion and for the categories of relief offered to class members.  In re Accellion, Inc.