Ninth Circuit Rejects Lawsuit Over Hijacked Facebook Account–Long v. Dorset
Long is a book author. He ran a Facebook business page to promote his work. An interloper, using the alias “Tammy Dorset,” gained administrator access to the Facebook page. Once in control of the page, Dorset allegedly posted items that…
CCPA Data Breach Lawsuit Against Walmart Fails–Gardiner v. Walmart
This is a data breach lawsuit against Walmart in which plaintiff (on his own behalf and on behalf of a putative class) asserts that his data is being currently sold on the dark web. Plaintiff asserted the typical claims, but…
Section 230 (Mostly) Protects Zoom from Liability for Zoombombing
This is a privacy class action against Zoom. The opinion has several points of interest for privacy practitioners. I’m going to focus only on the court’s discussion of Zoom’s liability for Zoombombing, the COVID-era problem where malefactors crash a Zoom…
Consent Via “Clickwrap” Defeats Privacy Claims–Javier v. Assurance
Javier got a life insurance quote from Assurance. It appears this page contained javascript served from a vendor named ActiveProspect (via a service called “TrustedForm”), which tracks each user on Assurance’s site and records the users’ keystrokes. For Assurance, these…
The Anticipated Domino Effect: Virginia Passes Second State “Comprehensive” Privacy Law (Guest Blog Post)
by guest blogger Tanya Forsheit Virginia has officially become the second state in the country to enact what many have called a “comprehensive” privacy law, the Consumer Data Protection Act (“CDPA”), with Governor Northam’s signature on March 2, 2021. For…
Data Breach Plaintiff Doesn’t Have Standing in the Absence of Fraud or Identity Theft–Tsao v. Captiva
This is a data breach lawsuit. Plaintiff was a patron of a restaurant (PDQ) that suffered a breach that compromised credit card payment information. The breach occurred because a hacker gained access to customer data through “an outside vendor’s remote…
Ninth Circuit Sends Alexa Surreptitious Recording Case to Arbitration–Tice v. Amazon
Lawsuits over voice-activated assistants (and other smart home devices) are interesting. Plaintiffs have been creative about who asserts the claims to navigate around the issue that often sinks class actions: arbitration. This has resulted in claims brought by neighbors, spouses,…
Facebook Isn’t Liable for Account Hack/Hijack–Damner v. Facebook
This is a pro se lawsuit. Damner claims his Facebook account was hacked in April 2020 and the hacker(s) took it over. He notified Facebook but allegedly it never responded. Damner sued Facebook for Stored Communications Act claims and others….
YouTube Defeats Lawsuit Over Cryptocurrency Scam–Ripple v. YouTube
Ripple Labs developed a cryptocurrency called XRP. Scammers phished verified YouTube accounts and then used the hijacked accounts to post YouTube videos–seemingly from Ripple–inducing consumers to transfer their XRP, where they were stolen. YouTube allegedly responded to takedown notices slowly….
Court Sends Wyze Labs Privacy Suit to Arbitration
Wyze provides home security monitoring and cameras. (They have a range of “smart home” products.) Plaintiffs sued Wyze on behalf of a putative class alleging that Wyze failed to safeguard their personal information. Wyze moved to compel arbitration. The court…