Topic: Dispute resolution and litigation

Subscribe to Dispute resolution and litigation RSS feed

Settlement of Target Data Breach Consumer Class Action Is Derailed On Appeal

Data Protection Report - Norton Rose FulbrightThe Eighth Circuit Court of Appeals last week reversed the district court’s approval of a settlement and settlement class in the consolidated consumer class action arising from Target Corporation’s 2013 security incident.  This decision provided a new perspective on a persistent dilemma in the evolving law of data breaches:  how to handle data breach victims … Continue reading

CJEU Judgement: Dynamic IP Addresses Constitute Personal Data

Data Protection Report - Norton Rose FulbrightOn October 19, 2016, the Court of Justice of the European Union (CJEU) decided that the dynamic IP address of a website visitor is  “personal data” under Directive 95/46EC (Data Protection Directive) in the hands of a website operator that has the means to compel an internet service provider to identify an individual based on the IP … Continue reading

Skimming Case Highlights Difference Between Having Standing and Stating a Cause of Action

Data Protection Report - Norton Rose FulbrightThe U.S. District Court for the Northern District of Illinois dismissed a putative class action against Barnes & Noble last week based on an incident in 2012 in which criminals tampered with payment card PIN pad terminals to steal customer payment card information from retail stores in nine states. The court’s decision highlights an important … Continue reading

Recent Case Highlights The Dangers Of Consequential Damage Waivers in IT Contracts

Data Protection Report - Norton Rose FulbrightThe U.S. Court of Appeals for the Eleventh Circuit—one of the highest federal courts below the Supreme Court—recently affirmed a decision in Silverpop Systems, Inc. v. Leading Market Technologies, Inc. finding that all damages flowing from a vendor’s data breach were barred by a standard provision in IT service contracts, disclaiming all liability for consequential … Continue reading

Damages for Emotional Distress for Privacy Claims to Stay in the UK

Data Protection Report - Norton Rose FulbrightOn June 30, 2016, Google withdrew its appeal from the UK Supreme Court in the landmark case of Google v. Vidal-Hall after the parties reached a settlement. In the ruling on appeal, the Court of Appeal had ruled that damages for emotional distress, without any pecuniary loss, may be awarded under the Data Protection Act … Continue reading

CJEU Advocate General Opinion: Dynamic IP Addresses are Personal Data; Member States cannot limit processing permitted by the Data Protection Directive

Data Protection Report - Norton Rose FulbrightOn May 12, 2016, the Court of Justice of the European Union’s (CJEU) Advocate General, Campos Sánchez-Bordona, published his opinion on a question referred to the CJEU for a preliminary ruling. The opinion argues that dynamic IP addresses should be considered to be personal data under European law. Moreover, the opinion asserts that Member States’ … Continue reading

Increased Risk of Fraudulent Charges and Identity Theft Sufficient to Confer Article III Standing According to 7th Circuit

Data Protection Report - Norton Rose FulbrightAfter a district court dismissed a lawsuit filed by customers of restaurant chain P.F. Chang’s China Bistro whose payment card information was stolen during a data breach, the 7th Circuit Court of Appeals has revived the suit.  In a ruling last week, the appellate panel found that customers whose payment card information was stolen in … Continue reading

Fourth Circuit Holds that CGL Policy Covers Data Breach Class Action

Data Protection Report - Norton Rose FulbrightOn April 11, 2016, the Fourth Circuit Court of Appeals upheld a ruling by the Eastern District of Virginia that two Commercial General Liability (“CGL”) insurance policies required an insurer cover the defense of a medical records company in a class-action claim relating to alleged failure to secure patients’ medical records.[1]… Continue reading

Belgian court orders Facebook to stop tracking non-members, rejects FB’s assertion of lack of jurisdiction

On November 9, 2015, the President of the Brussels Court of First Instance ordered Facebook to stop tracking non-members in Belgium without their consent. The court imposed a penalty of EUR 250,000 per day for non-compliance. The proceeding is the result of a formal recommendation that the Belgian Privacy Commission (BPC) issued in May 2015 … Continue reading

Third Circuit ruling reinstates state law privacy claims related to Google’s use of cookies

Data Protection Report - Norton Rose FulbrightIn re: Google Inc. Cookie Placement Consumer Privacy Litigation, involves 24 consolidated lawsuits that were initially brought against several internet advertisers alleging violations of various state and federal privacy statutes, including the Computer Fraud and Abuse Act, the Wiretap Act and the Electronic Communications Privacy Act. In October of 2013, the District of Delaware dismissed … Continue reading

The “EMV Liability Shift” Is Coming (What Merchants Need to Know)

Data Protection Report - Norton Rose FulbrightCurrently, almost half of the world’s credit card fraud happens in the U.S where magnetic stripe technology is the standard. Outside the U.S., an estimated 40% of the world’s cards and 70% of the terminals already use the EMV technology. These countries are reporting significantly lower counterfeit fraud levels with EMV cards than with the … Continue reading

UK Court of Appeal Establishes Data Protection Rights in Privacy Case

Data Protection Report - Norton Rose FulbrightA recent English Court of Appeal judgment could significantly broaden the circumstances in which data protection litigation can be brought – and damages can be awarded – under English law. Background Vidal-Hall et al v Google ([2015] EWCA Civ 311) involves claims brought by three individual users against Google. The users alleged that Google collected private … Continue reading

Ontario Court of Appeal finds patients’ common law privacy rights not preempted by statute; allows class action to proceed

Data Protection Report - Norton Rose FulbrightIn a recent case involving a breach of patients’ privacy rights — Hopkins v Kay,[i] — the Ontario Court of Appeal ruled that a proposed class action could proceed based on allegations of violation of patients’ common law privacy rights, concluding that those rights were not preempted by the Personal Health Information Protection Act (PHIPA). … Continue reading
LexBlog