Justia Class Action Opinion SummariesArticles Posted in Internet Law
Clemens v. Execupharm Inc
Clemens, then an employee, provided ExecuPharm with sensitive information, including her address, social security number, bank, and financial account numbers, insurance, and tax information, passport, and information relating to her family. Clemens’s employment agreement provided that ExecuPharm would “take appropriate measures to protect the confidentiality and security” of this information. After Clemens left ExecuPharm, a hacking group (CLOP) accessed ExecuPharm’s servers, stealing sensitive information pertaining to current and former employees, including Clemens. CLOP posted the data on the Dark Web, making available for download 123,000 data files pertaining to ExecuPharm, including sensitive employee information. ExecuPharm notified current and former employees of the breach and encouraged precautionary measures. Clemens reviewed her financial records and credit reports for unauthorized activity; placed fraud alerts on her credit reports; transferred her bank account; enrolled in ExecuPharm’s complimentary one-year credit monitoring services; and purchased three-bureau additional credit monitoring services for herself and her family for $39.99 per month.Clemens's suit under the Class Action Fairness Act, 28 U.S.C. 1332(d), was dismissed for lack of Article III standing. The court concluded that Clemens’s risk of future harm was not imminent, but “speculative.” Any money Clemens spent to mitigate the speculative risk was insufficient to confer standing; even if ExecuPharm breached the employment agreement, it would not automatically give Clemens standing to assert her breach of contract claim. The Third Circuit vacated. Clemens’s injury was sufficiently imminent to constitute an injury-in-fact for purposes of standing. View "Clemens v. Execupharm Inc" on Justia Law
Joffe v. Google, Inc.
Plaintiffs alleged, in this consolidated class action, that Google illegally collected their Wi-Fi data through its Street View program. After the parties reached a settlement agreement that provided for injunctive relief, cy pres payments to nine Internet privacy advocacy groups, fees for the attorneys, and service awards to class representatives—but no payments to absent class members, David Lowery, one of two objectors to the settlement proposal, appealed the district court's approval of the settlement and grant of attorneys' fees.The Ninth Circuit affirmed, concluding that the district court did not abuse its discretion in approving the settlement, certifying the class, or in its award of attorneys' fees, and it did not commit legal error by rejecting Lowery's First Amendment argument. The panel rejected the suggestion that a district court may not approve a class-action settlement that provides monetary relief only in the form of cy pres payments to third parties; Lowery has not shown that the district court abused its discretion in approving the use of cy pres payments in the settlement; the infeasibility of distributing settlement funds directly to class members does not preclude class certification; and viewing the modest injunctive relief together with the indirect benefits the class members enjoy through the cy pres provision, the panel affirmed the district court’s finding that the settlement was fair, reasonable, and adequate.The panel also concluded that the settlement agreement does not compel class members to subsidize third-party speech because any class member who does not wish to subsidize speech by a third party that he or she does not wish to support, can simply opt out of the class. The panel has never held that merely having previously received cy pres funds from a defendant, let alone other defendants in unrelated cases, disqualifies a proposed recipient for all future cases. Furthermore, the panel affirmed cy pres provisions involving much closer relationships between recipients and parties than anything Lowery alleges here. The court further concluded that the district court properly considered all relevant circumstances, including the value to the class members, and concluded that a 25% benchmark was appropriate. Finally, the panel concluded that class counsel and class representatives did not breach their fiduciary duties by entering the settlement. View "Joffe v. Google, Inc." on Justia Law
George v. eBay, Inc.
The appellants were two of a group of plaintiffs who sued eBay and PayPal, challenging provisions in their respective user agreements. Plaintiffs’ second amended complaint alleged 23 causes of action, 13 against eBay, seven against PayPal, and three against both defendants. The trial court dismissed, without leave to amend, 20 of the causes of action, including 14 claims against eBay. Three causes of action proceeded: breach of contract against both defendants and violation of the covenant of good faith and fair dealing against eBay. More than three years later, the appellants opted out of the case against eBay, and voluntarily dismissed the two claims against it. Judgment of dismissal was entered against them.The appellants appealed, contending the trial court got it wrong as to 11 of the dismissed causes of action. The court of appeal affirmed, noting that this was the third appeal of the case. The trial court properly dismissed the claims and did not abuse its discretion in doing so without leave to amend. All of the alleged causes of action failed to state a claim. The court stated that “counsel for appellants has apparently been urging the same contentions for some nine years, all without success. This is enough.” View "George v. eBay, Inc." on Justia Law
Campbell v. Facebook, Inc.
An objecting class member appealed from the district court's approval of a settlement between Facebook and a nationwide class of its users who alleged that Facebook routinely captured, read, and used website links included in users' private messages without their consent, and that these practices violated federal and California privacy laws. The district court found that the settlement was fair and approved it, granting in full class counsel's request for fees and costs.The Ninth Circuit held that the district court had Article III jurisdiction to approve the settlement and that this panel had jurisdiction to evaluate the fairness of the settlement. In this case, plaintiffs identified a concrete injury that the Electronic Communications Privacy Act and the California Invasion of Privacy Act protect; plaintiffs established standing to seek injunctive relief; and post-filing developments did not moot this case.The panel rejected the merits of objector's contentions that the district court abused its discretion by approving the settlement. The panel rejected the argument that the settlement was invalid under Koby v. ARS National Services, Inc., 846 F.3d 1071, 1081 (9th Cir. 2017). Rather, the panel held that, given how little the class could have expected to obtain if it had pursued claims further based on the facts alleged here (and, correspondingly, how little it gave up in the release), it was not unreasonable that the settlement gave the class something of modest value. The panel rejected objector's argument that the settlement was invalid under In re Bluetooth Headset Products Liability Litigation, 654 F.3d 935 (9th Cir. 2010), and held that the district court did not abuse its discretion in concluding that none of the warning signs weighed against approval of the settlement. View "Campbell v. Facebook, Inc." on Justia Law
Dancel v. Groupon, Inc.
Dancel sued, alleging Groupon had used her photograph to promote a restaurant voucher. Groupon had collected the photograph from Dancel’s public Instagram account based on data linking it to the restaurant’s location. She sought damages under the Illinois Right of Publicity Act (IRPA) on behalf of a class of Illinois residents whose Instagram photographs have appeared on a Groupon offer. The parties litigated in state court until Dancel moved to certify a class of “[a]ll persons who maintained an Instagram Account and whose photograph ... was ... acquired and used on a groupon.com webpage for an Illinois business.” The class was not defined by its members’ residency. Groupon filed a notice of removal under the Class Action Fairness Act, 28 U.S.C. 1453. The district court denied remand and denied class certification. The Seventh Circuit affirmed the denial of class certification. IRPA requires more with respect to the plaintiff’s identity than an Instagram username It demands that an attribute, even a name, serve to identify the individual whose identity is being appropriated. This individualized evidentiary burden prevents identity from being a predominating common question under Rule 23(b)(3). View "Dancel v. Groupon, Inc." on Justia Law
Patel v. Facebook, Inc.
The Ninth Circuit affirmed the district court's order certifying a class of Facebook users who alleged that Facebook's facial-recognition technology violated Illinois's Biometric Information Privacy Act (BIPA). The panel held that plaintiffs have alleged a concrete and particularized harm that was sufficient to confer Article III standing where the statutory provisions at issue were established to protect plaintiffs' concrete interests in privacy, not merely procedural rights. In this case, the development of a face template using facial-recognition technology without consent invades an individual’s private affairs and concrete interests. The panel held that the district court did not abuse its discretion by certifying the class; Illinois's extraterritoriality doctrine did not preclude the district court from finding predominance; and the district court did not abuse its discretion in determining that a class action was superior to individual actions. View "Patel v. Facebook, Inc." on Justia Law
In Re: Google Inc. Cookie Placement Consumer Privacy Litigation
News broke in 2012 that Google’s Doubleclick.net cookies were bypassing Safari and Internet Explorer privacy settings and tracking internet-user information. Google settled FTC and state attorneys general lawsuits, agreeing to cease the practice and to pay $39.5 million in fines, without admitting wrongdoing. Plaintiffs' claims were consolidated into a putative class action, alleging violations of federal privacy and fraud statutes, California unfair competition and privacy statutes, the California constitution’s right to privacy, and California’s privacy tort law. The Third Circuit affirmed the dismissal of all but the California constitutional and tort claims. The parties agreed to a settlement. The district court approved certification of an FRCP 23(b)(2) class and the settlement under FRCP 23(e). Under the settlement a cy pres award would be paid to organizations the defendant approved, primarily data privacy organizations that agree to use the funds to research and promote browser privacy. It also included class counsel’s fees and costs, and incentive awards for named class representatives. One objector argued that the cy pres money belongs to the class as compensation and challenged the choice of cy pres recipients because of their pre-existing relationships with Google and class counsel. The Third Circuit vacated, stating that the “cursory certification and fairness analysis were insufficient for us to review its order certifying the class and approving the settlement. The settlement agreement’s broad release of claims for money damages and its designation of cy pres recipients are particularly concerning.” View "In Re: Google Inc. Cookie Placement Consumer Privacy Litigation" on Justia Law
In re Google Referrer Header Privacy Litigation
The Ninth Circuit affirmed the district court's order approving the cy pres-only settlement arising from class action claims that Google violated users' privacy by disclosing their Internet search terms to owners of third-party websites. The panel held that the district court did not abuse its discretion in approving a cy pres- only settlement where the settlement funds were non-distributable; the district court did not abuse its discretion in finding the superiority requirement was met because the litigation would otherwise be economically infeasible; the district court did not abuse its discretion in approving the six cy pres recipients; the district court appropriately found that the cy pres distribution addressed the objectives of the Stored Communications Act and furthered the interests of the class members; a prior relationship or connection between the cy pres recipient and the parties or their counsel, without more, was not an absolute disqualifier; and the district court did not abuse its discretion by approving $2.125 million in fees and $21,643.16 in costs. View "In re Google Referrer Header Privacy Litigation" on Justia Law
Taha v. County of Bucks
Defendants created a publicly searchable “Inmate Lookup Tool” into which they uploaded information about thousands of people who had been held or incarcerated at the Bucks County Correctional Facility since 1938. Taha filed suit, alleging that the County and Correctional Facility had publicly disseminated information on the internet in violation of the Pennsylvania Criminal History Record Information Act, 18 Pa. Cons. Stat. 9102, about his expunged 1998 arrest and incarceration. The district court granted Taha partial summary judgment on liability before certifying a punitive damages class of individuals about whom incarceration information had been disseminated online. The court then found that the only remaining question of fact was whether defendants had acted willfully in disseminating the information. After the court certified the class, the defendants filed an interlocutory appeal. The Third Circuit affirmed the class certification order, rejecting an argument that the district court erred in granting Taha partial summary judgment on liability before ruling on class certification. The court upheld conclusions that punitive damages can be imposed in a case in which the plaintiff does not recover compensatory damages, that punitive damages can be imposed on government agencies, and that the predominance requirement under FRCP 23(b)(3) was met so that a class could be certified. View "Taha v. County of Bucks" on Justia Law
Caligiuri v. Symantec Corp.
The court affirmed the approval of a class action settlement and grant of attorneys' fees and service awards in a suit alleging that Symantec failed to disclose that consumers could use various free alternatives to re-download their Norton anti-virus software. The district court did not abuse its discretion by approving the settlement without knowing the final administrative costs or the final amount received by the class; in awarding the requested fees where the circumstances of this case justified a large award, and the reasonableness of the award was cross-checked against the lodestar method; in approving the terms of the settlement agreement providing that any minimal remaining funds would be distributed to the Electronic Frontier Foundation, as an appropriate cy pres recipient; and in awarding service awards to each of the named plaintiffs. View "Caligiuri v. Symantec Corp." on Justia Law