Three plaintiffs in two more privacy complaints against Johns Hopkins University and the Johns Hopkins Health System oppose plaintiff Bruce Bailey’s motion for centralization and transfer of related actions to MOVEit Customer Data Security Breach Litigation (see 2307120053), said their Monday response (docket 3083) before the U.S. Judicial Panel on Multidistrict Litigation. Plaintiffs Pamela Hunter (1:23-cv-01826), and Maria Gregory and Ayomiposi Asaolu (docket 1:23-cv-01854) filed cases that name only the Hopkins entities, while Bailey seeks to move the cases “away from the region where the parties and most of the witnesses are located” to the district of Minnesota and to consolidate them with the 33 “and counting” other cases against numerous defendants not named in the Hopkins plaintiffs’ complaints, said the motion. On July 5, Bailey filed an action against Progress Software Corp. (PSC) and Pension Benefit Information, then filed a motion the following day to consolidate and transfer nine other actions that named the same defendants into a single proceeding before the U.S. District Court for Minnesota (see 2307120053). The Hopkins plaintiffs initiated their actions in July for a data breach that involved sensitive health information for patients of Johns Hopkins hospitals and medical providers. A third case that named only Johns Hopkins entities as defendants, Schaffer v. the Johns Hopkins University (docket 1:23-cv-02099), was filed Thursday in U.S. District Court for Maryland in Baltimore, said the motion. Three additional cases filed in the district of Maryland name PSC and the Hopkins plaintiffs but name only the Hopkins defendants “because they have no privity” with PSC “and did not believe them to be the responsible entities for the Data Breach that occurred on Johns Hopkins server(s),” the motion said. Shortly after the filing of the three cases that name both the Hopkins defendants and PSC -- Truesdale v. PSC (docket 1:23-cv-01913), Pulignani v. PSC (docket 1:23-cv-01912) and Doe v. PSC (1:23-cv-01923) -- Doe filed a notice of related action as to the Hunter and Gregory cases, seeking to bring those cases into that action, the response said. At the time of submission, Bailey or others have designated at least 33 complaints as “’related to this action, and there may be more yet lingering in federal and state courts,” it said. The actions for which Bailey seeks consolidation involve breaches of data for seven named defendants other than PSC, “ranging from banks to life insurance companies to state agencies,” it said; several, such as the Hopkins plaintiffs, don’t name PSC.
Plaintiff Julie Jones seeks to remand her June 1 California Invasion of Privacy Act class action against Tonal Systems to California Superior Court where it originated before Tonal removed it July 7 to U.S. District Court for Southern California in San Diego, said her memorandum of points and authorities Friday (docket 3:23-cv-01267) in support of her remand motion. Jones alleges Tonal, a maker of smart home fitness equipment, uses third parties' software to “secretly wiretap and eavesdrop on the private conversations of users of the chat features on Tonal’s website in real time” (see 2307110047). Her claims “almost certainly fall” within the “home state controversy exception” of the Class Action Fairness Act (CAFA) and should be remanded to state court for that reason, said her memorandum. In the alternative, to help the court and the parties determine whether the Southern District of California may exercise jurisdiction over Jones’ claims, the court should permit her “to engage in expedited jurisdictional discovery for this purpose,” it said. The CAFA’s exception says a district court should decline to exercise jurisdiction where two-thirds or more of the members of all proposed plaintiff classes, plus the primary defendants, are citizens of the state in which the action was originally filed, it said. Tonal is “unquestionably” a citizen of California, where it’s headquartered, said the memorandum. In all likelihood, the vast majority of class members used the Tonal website’s chat feature “from their homes in California, where the vast majority likely intend to remain indefinitely and are therefore domiciled,” it said. The complaint therefore supports a finding that, “at a minimum,” two-thirds of the proposed class members are citizens of California and the exception to CAFA jurisdiction applies, it said. If the court seeks a more satisfactory showing of how many class members there were and where they were located by the date of the filing of the complaint, “limited discovery on this jurisdictional topic is appropriate,” it said.
U.S. District Judge Regina Rodriguez for Colorado ordered 10 privacy cases against Dish Network to be consolidated under Dish Network Security Incident Litigation. The cases involve “substantially similar factual and legal questions surrounding Dish’s alleged failure" to adequately safeguard the personally identifiable information (PII) of the plaintiffs, and each of these actions will involve substantially similar discovery and motion practice, said the Wednesday order (docket 1:23-cv-01168) in Denver. Consolidation will promote “judicial economy and orderly case management." The consent of the parties isn’t required for consolidation, Rodriguez said. Dish doesn’t oppose consolidation and takes no position on the appointment of interim counsel. Motions for consolidation should be granted but denied without prejudice regarding appointment of interim class counsel, Rodriguez said. Group movants seek appointment of Mason Barney of Siri & Glimstad, Bryan Bleichner of Chestnut Cambronne and Scott Cole of Cole & Van Note as interim co-lead class counsel. The court declined to make an interim counsel appointment now to allow all interested parties to fully submit and brief their positions on the issue of interim class counsel and facilitate resolution of the matter on a consolidated and comprehensive record, the order said. The consolidated cases are Owen-Brooks v. Dish Network (docket 1:23-cv-01168), Clark v. Dish (docket 1:23-cv-01315), Cruse v. Dish (docket 1:23-cv-01319, Turley v. Dish, (docket 1:23-cv-01346), Ellerbrock v. Dish (docket 1:23cv-01372); Jenkins v. Dish (docket 1:23-cv-01387); Cardenas v. Dish (docket 1:23-cv-01405), Garcia v. Dish (docket 1:23-cv-01458), Vest v. Dish (docket 1:23-cv-01462) and Fulmore v. Dish (docket 1:23-cv-01556).
DLA Piper, counsel for Progress Software Corp. and Ipswitch, filed a notice of related actions Wednesday in MOVEit Customer Data Security Breach Litigation (docket 3083). The Landi v. Progress Software Corp.class action (docket 3:23-cv-03839), in U.S. District Court for Northern California claims negligence and violations of the California Consumer Privacy Act, Unfair Competition Law and Customer Records Act. In Harris v. Progress, plaintiff Patricia Harris asserts claims (docket (docket 1:23-cv-05028)) of negligence, breach of third-party beneficiary contract, unjust enrichment and invasion of privacy. Lockridge Grindal, counsel for plaintiff Glen Williams, notified the JPML of his July 27 related action (docket 0:23-cv-02238) pending in U.S. District Court for Minnesota. Williams charges PSC with negligence, violation of California’s Consumer Privacy and Customer Records acts, its Unfair Competition Law, state privacy statute, breach of implied contract and implied covenant of good faith and fair dealing. Mullen Coughlin, counsel for defendant Pension Benefit Information, notified the JPML of a class action (docket 0:23-cv-02240) filed by plaintiff Scott Glabb against it in U.S. District Court for Minnesota July 27, alleging negligence, violation of California’s Consumer Privacy and Customer Records acts, its Unfair Competition Law and right to privacy under the state’s constitution, plus breach of implied contract.
U.S. District Judge Sharon Johnson Coleman for Northern Illinois in Chicago scheduled an in-person status hearing Oct. 2 at 9:45 a.m. CDT in the class action in which three CapCut users allege the ByteDance videoediting app “facilitates” the unlawful collection “of a wide range of private information from users, including their biometric information” (see 2307300001), said a docket entry notification Tuesday (docket 1:23-cv-04953]). Coleman ordered the parties to meet and discuss the status of the case, and to file a joint status report at least three days before the Oct. 2 hearing, said the notification.
Progress Software seeks to stay the proceedings in a negligence lawsuit pending a ruling by the Judicial Panel on Multidistrict Litigation on transfer proceedings in MOVEit Customer Data Security Breach Litigation (docket 3083), said its unopposed motion Tuesday (docket 0:23-cv-02028) in U.S. District Court for Minnesota. Plaintiff Bruce Bailey and defendant Pension Benefit Information (PBI) don’t oppose the motion. Bailey, the named plaintiff in Bailey v. Progress Software Corp. and PBI, moved the JPML last month (see 2307120053) to transfer and centralize nine related actions to the Minnesota court. The related actions allege Progress Software bears responsibility for a May 28 data breach in which data of over 15 million people was stolen as part of a security breach by Russian ransomware group CL0P. As of Tuesday, 34 similar actions have begun in nine U.S. district courts and one state court, said the motion. The parties have conferred about the transfer motion and anticipate they independently will support centralization of the proceedings under Section 1407, although Progress and PBI believe the actions should be transferred to the District of Massachusetts, said the motion. Progress asked the Minnesota court to stay the action until at least 30 days after entry of the JPML’s final determination of the transfer motion.
U.S. Magistrate Judge Lisa Cisneros for Northern California in San Francisco scheduled a telephonic pre-settlement conference Aug. 31 at 10:30 a.m. PDT in Meta’s data-scraping court fight against Voyager Labs, said a text-only docket entry Monday (docket 3:23-cv-00154). Cisneros was assigned the case Monday for settlement purposes. Meta alleges Voyager “built a business” on developing surveillance software that improperly relies on fake accounts to scrape data from Facebook and Instagram through “unauthorized, automated means” (see 2307050001). Voyager moved in April to dismiss Meta’s complaint for failure to state a claim on which relief may be granted (see 2304140003).
DLA Piper, counsel for Progress Software and Ipswitch, filed a notice of related action (docket 3083) Monday in MOVEit Customer Data Security Breach Litigation. The Diana White v. Pension Benefit Information class action (docket 0:23-cv-2254), filed in U.S. District Court for Minnesota Friday, asserts claims of negligence, breach of contract, unjust enrichment, invasion of privacy and breach of fiduciary duty due to the late May data breach involving MOVEit Transfer and MOVEit Cloud software.
Plaintiff Jane Doe dismissed voluntarily all claims against Hey Favor, with prejudice, in a privacy lawsuit against the women's healthcare platform, said her Monday notice of dismissal (docket 3:23-cv-00059) in U.S. District Court for Northern California in San Francisco. In a June motion to lift the stay of proceedings in the privacy case, Doe said dismissing Hey Favor, which filed a petition for Chapter 11 bankruptcy protection in April, means "the action will exist against the advertising and analytics defendants“ alone as if Plaintiff never named Favor (see 2306270030). Doe's suit alleged Hey Favor knowingly and intentionally sent personally identifiable information about her medical history to Meta, TikTok and analytics company FullStory. Doe also dismissed with prejudice her seventh claim for relief alleging FullStory, Meta Platforms, TikTok and ByteDance (collectively advertising and analytics defendants) aided and abetted Favor’s violation of the California Confidentiality of Medical Information Act. To the extent that Doe brought a claim against both Favor and the advertising and analytics defendants, that claim is dismissed only as to the allegations against Favor, said the notice. Also Monday, the plaintiff filed an amended complaint removing the allegations 1) that Hey Favor “knowingly and intentionally disclosed and allowed” the advertising and analytics defendants to “intercept users’ health data and other highly sensitive information; and 2) that Favor disclosed and allowed third parties to intercept at least users’ prescription information. The amended complaint reads: “Unbeknownst to Plaintiff and Class members, FullStory’s, Meta’s, and TikTok’s (collectively “Defendants”) technology was intentionally incorporated on Favor’s Platform, through which Defendants intercepted users’ health data and other highly sensitive information."
The World Wildlife Fund removed to U.S. District Court for Central California in Los Angeles from California Superior Court a June 21 complaint in which plaintiff Sonya Valenzuela alleges WWF invaded her privacy with its use of FullContact software “to record and deanonymize” internet protocol addresses when she used WWF’s website chat function, said its notice of removal Thursday (docket 2:23-cv-06112). Valenzuela’s lawsuit is “a near duplicate of other complaints” filed by her lawyer, Scott Ferrell of Pacific Trial Attorneys, said the notice. It alleges “nothing more than generalized conclusory assertions of an invasion of privacy,” it said. Valenzuela alleges WWF’s use of the FullContact software violates the California Unauthorized Access to Computer Data Act and the California Invasion of Privacy Act, it said. She also brings common law and constitutional claims for invasion of privacy, it said: “WWF believes these claims are meritless.” Valenzuela’s complaint alleges she visited WWF’s website this spring, and that without her knowledge or consent, WWF used the FullContact code to access her device to “extract personal data” and expose her identity. WWF’s “actions are offensive and unlawful and must be stopped,” said the complaint.