On June 30, 2016, Google withdrew its appeal from the UK Supreme Court in the landmark case of Google v. Vidal-Hall after the parties reached a settlement. In the ruling on appeal, the Court of Appeal had ruled that damages for emotional distress, without any pecuniary loss, may be awarded under the Data Protection Act 1998 (the “Act”). With the appeal withdrawn, this ruling will remain valid. Therefore, companies that operate in the UK may wish to consider this ruling when conducting risk analyses and responding to litigation.
British supermarket chain faces group litigation action in the UK based on data breach
In November of 2015, the English High Court in London approved a Group Litigation Order (“GLO”) allowing employees of one of the United Kingdom’s largest supermarket chains to join the pending action.
Third Circuit ruling reinstates state law privacy claims related to Google’s use of cookies
In re: Google Inc. Cookie Placement Consumer Privacy Litigation, involves 24 consolidated lawsuits that were initially brought against several internet advertisers alleging violations of various state and federal privacy statutes, including the Computer Fraud and Abuse Act, the Wiretap Act and the Electronic Communications Privacy Act. In October of 2013, the District of Delaware dismissed the consolidated case, finding that “that plaintiffs have not alleged injury-in-fact sufficient to confer Article III standing” and that they had failed to “[plead] sufficient facts to establish a plausible invasion of the rights” under various statutes asserted in the complaints. However, on November 10, 2015, the Third Circuit Court of Appeals issued an order restoring some of the plaintiffs’ claims alleging that Google’s internet tracking practices violate California’s Constitution and state privacy laws.
Russia’s data localization requirements delayed for Facebook, Google and Twitter
The Russian data protection authority, Roscomnadzor, has given major U.S. technology companies extra time to comply with the Russian data localization law.
The law, which went into effect on September 1, 2015, requires companies to store and…
Google challenges applicability of CNIL’s “right to be forgotten” order to domain extensions outside the EU
In a recent blog post, reflecting on Google’s ongoing dispute with France’s CNIL about the scope of the “right to be forgotten,” Peter Fleisher, Google’s Global Privacy Counsel, announced that Google will maintain its position that that company would not comply with the CNIL’s formal notice dated May 21, 2015 to implement individuals’ requests to exercise their “right to be forgotten” on the company’s sites worldwide.
UK Court of Appeal Establishes Data Protection Rights in Privacy Case
A recent English Court of Appeal judgment could significantly broaden the circumstances in which data protection litigation can be brought – and damages can be awarded – under English law.
Background