fbpx

Download free GDPR compliance checklist!

Category Archives for "Court cases"

Facebook, LinkedIn Sued For ‘Eavesdropping’ On Zoom Users

Facebook and LinkedIn have been secretly harvesting personal information from Zoom users to boost their revenues, according to a putative class action filed in California federal court Monday that targets both the social media sites and the newly ubiquitous video conferencing platform.

The newly filed lawsuit echoes many of these allegations against Zoom, while also drawing in social media giants Facebook Inc. and LinkedIn Corp., which plaintiff Todd Hurvitz claims “eavesdropped” on what Zoom users thought were private communications between them and the company’s servers in order to scoop up valuable personal information.

Source: Facebook, LinkedIn Sued For ‘Eavesdropping’ On Zoom Users – Law360

Activist Wants Appeals Court To Scrap Google ‘Street View’ Privacy Settlement

A musician who opposed Google’s privacy settlement over data collection by “Street View” cars has appealed a trial judge’s decision to approve the $13 million deal.

The deal, approved by U.S. District Court Judge Charles Breyer in San Francisco, resolves a lawsuit dating to 2010, when it first emerged that Google’s Street View cars had collected private information — including passwords, emails and URLs — transmitted over unencrypted WiFi networks.

Source: Activist Wants Appeals Court To Scrap Google ‘Street View’ Privacy Settlement 04/13/2020

Lawsuit Seeks Injunction Requiring Clearview To Destroy Data

An Illinois resident who sued Clearview AI in January is now asking a federal judge to issue a pre-trial order requiring the facial recognition company to destroy data about state residents.

He argues in the new request for a preliminary injunction that the post-January reports about Clearview warrant immediate action by the court.

Source: Lawsuit Seeks Injunction Requiring Clearview To Destroy Data 04/09/2020

UK Supreme Court says employer not liable for data breach by a disgruntled employee

The U.K.’s top court ruled that a British supermarket can’t be held responsible for a data breach by a disgruntled employee who leaked personal details of thousands of staff members online.

The Supreme Court concluded that the Court of Appeal had misunderstood the principles governing vicarious liability in their previous judgments in the case. This decision sets aside a significant liability risk which had arisen following the previous decisions in the case.

Source: Morrisons Wins U.K. Supreme Court Ruling Over 2014 Data Breach – Bloomberg

Class action filed against Zoom about data collection

Wexler Wallace LLP had filed a class action lawsuit against Zoom Video Communications, Inc. before the U.S. Court for the Northern District of California, for allegedly collecting the personal information of its users and disclosing such information to third parties, including Facebook, Inc.

This data transfer occurs when a Zoom user installs, opens or closes the popular Zoom iOS video conferencing application. Consumers are not meaningfully informed of these facts, and specifically that Facebook receives the data. As the complaint alleges, even information on non-Facebook users is sent to Facebook through Zoom’s video conferencing application.

Source: Zoom Privacy Lawsuit – Wexler Wallace LLP

GDPR ushers in civil litigation claims across the EU

The EU General Data Protection Regulation ushered in an enhanced private right of action for violations of the law, both for material or non-material damage.

Plaintiffs can sue for compensation based on the damage suffered. Attorneys say there’s now a significant uptick in cases brought alleging such a grievance has occurred, often as a “follow-on” to data protection authorities’ investigations. And depending on any given judge’s sympathy for plaintiffs alleging data misuse, as well as how sizable the class is, the cost to organizations could be significant.

Full article: GDPR ushers in civil litigation claims across the EU

Google’s Right-to-Be-Forgotten Fine Toppled by French Court

Google won a battle over the right to be forgotten after France’s top administrative court canceled a fine of 100,000 euros ($111,000) for failing to remove contentious search results globally.

France’s Council of State threw out the 2016 penalty, following guidance from the European Union’s highest court which last year backed the Alphabet Inc. unit by saying it should only scrub search results on European versions of its websites.

Source: Google’s Right-to-Be-Forgotten Fine Toppled by French Court – BNN Bloomberg

Brussels Court of Appeal overrules first DPA fine to a private company

On Feb. 19, the Brussels Court of Appeal overruled one of the first decisions of the Belgian Data Protection Authority in a case involving the use of an electronic ID to get a loyalty card.

The Brussels Court of Appeal held that the customer did not give her identity card and, consequently, there was no processing of her data. Therefore, according to the court, the DPA did not demonstrate an actual personal data breach.

The court still underlined there was no prejudice for a customer because they could not get a loyalty card and therefore get a discount. There is no prejudice when one possible extra benefit is lost. It would have been different if the reading of the electronic ID was required to exercise a legal or contractual right.

Source: Brussels Court of Appeal overrules first DPA fine to a private company

France issues first legal decision on facial recognition

The Administrative Court (TA) of Marseille has made its decision regarding the use of facial recognition technology at two French high schools.

In a hearing before the TA, with La Quadrature du Net, The Human Rights League, the FCPE and CGT Educ’Action des Alpes Maritimes, the installation of a facial recognition system at the entrance of two French high schools were discussed.

TA ruled against the installation of the technology, stating that its deployment violated the EU General Data Protection Regulation (GDPR), as students were not able to provide consent “to the collection of personal data in a free and informed manner.”

Additionally, the court ruled that the technology was a disproportionate measure to manage the high school, especially with other alternative measures being available and less detrimental to students’ rights.

Source: #Privacy: France issues first legal decision on facial recognition

Clearview AI facial recognition app maker sued by Vermont

The complaint alleges that the facial recognition company’s scraping of images for its database violates state privacy laws.

Vermont’s complaint alleges Clearview AI violates the state’s Consumer Protection Act by collecting facial recognition data of Vermont residents, including children, without their consent. It also alleges that the “screen scraping” Clearview AI uses to collect the data violates the state’s new Data Broker Law, which targets companies that collect and sell data on consumers.

Source: Clearview AI facial recognition app maker sued by Vermont – CNET

>