Oklahoma

After several days of deliberating, a jury today convicted Uber Technologies Inc.’s (“Uber’s”) former chief security officer (the “Former CSO”) of criminal obstruction and concealing the theft of personal data of fifty million Uber customers and seven million Uber drivers from the Federal Trade Commission (“FTC”).

Recall that back in 2016, two hackers stole data

In a record-setting proposed settlement filed last week, T-Mobile has agreed to pay $350 million and boost its data security by $150 million over the next two years to resolve multidistrict litigation brought by T-Mobile customers whose data was allegedly exposed in a 2021 data breach.  Read on for the terms of the settlement, which may serve as a model in other high stakes data security cases going forward.

Recall that in August 2021, T-Mobile disclosed that it had been the victim of a cyberattack that resulted in the compromise of some current, former and prospective customers’ SSN, name, address, date of birth and driver’s license/ID information the “Data Event”).  By T-Mobile’s account, no “customer financial information, credit card information, debit or other payment information” was exposed in the attack.  Nevertheless, over 40 putative class action claims were filed seeking damages for the improper disclosure of Plaintiffs’ personal information.  In December 2021, the Judicial Panel on Multidistrict Litigation transferred and centralized the putative class actions into the MDL standing before the Western District of Missouri.Continue Reading T-Mobile Agrees in MDL to Record Setting $350 Million Data Breach Settlement to Resolve CCPA and Other Privacy Claims

Special thanks to our Summer Associate, Nyet Abraha, for her work on this blog.

Carnival Cruise Line, one of the largest international cruise lines, has agreed to pay $6 million to resolve claims brought by state attorneys general in response to a 2019 data breach. In March 2020, Carnival reported a data breach that compromised

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

Sonic Data Privacy MDL Headed to Trial? Court Denies Defendant’s Motion for Summary Judgment | Consumer Privacy World

Federal Court Holds Defendant’s

We’ve been following the Sonic cybersecurity MDL for some time now.  Just last month the Sixth Circuit rejected Sonic’s bid to appeal a federal district court’s certification of a class under Fed. R. Civ. P. 23 to recover economic damages incurred by various financial institutions and credit unions arising from their reissuance of cards and

As Glenn Brown covers in greater detail here, as the trend of state laws granting more privacy and greater control over personal information continues in the US, the fate of privacy bills in Washington State, Oklahoma and Florida serve as a reminder that as with any other issue, political compromise is still a necessity

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

2021 CCPA Q1 Litigation Report: 35+ Cases Filed, Unsurprising Trend of Data Event Class Actions | Consumer Privacy World

State Privacy Law

Readers of CPW know that our very own Lydia de la Torre has been selected to be an inaugural board member of the new California Privacy Protection Agency.   Listen to what Lydia and Alan Friel, Deputy Chair of SPB’s Data Privacy group have to say in a must-listen to podcast.  They discuss the history

After advancing steadily in their respective legislatures the first few months of 2021, the Oklahoma Computer Data Privacy Act has seemingly died (at least for the time being), and the Washington Privacy Act may run into similar roadblocks it faced in prior years.  CPW’s Kyle Fath covers this development and its broader implications in a

Privacy at the state level can get messy and confusing—particularly in the current moment with the record number of proposed bills under consideration.  So let’s face it: it is great to read about all those proposed bills but what US privacy professionals really want to know is which bills will pass and which bills will