T-Mobile seeks to compel Samuel Whatley's claims to arbitration and to stay his case pending the outcome of that arbitration, said T-Mobile’s motion Wednesday (docket 2:23-cv-01339) in U.S. District Court for South Carolina in Charleston. The pro se plaintiff alleges a T-Mobile employee unlawfully transferred his phone number to another unauthorized device and in so doing compromised his entire bank account. He alleges violations of the Electronic Communications Privacy Act and the Electronic Funds Transfer Act. But Whatley’s customer agreement with T-Mobile contains an “express, conspicuous arbitration provision” by which he agreed “to submit any and all disputes with T-Mobile to arbitration,” said the motion. Whatley for years “repeatedly consented” to the carrier’s terms and conditions and “explicitly agreed” to arbitrate disputes with the company, said T-Mobile’s memorandum of law in support of the motion. To the extent that the plaintiff disputes the “scope or enforceability” of the arbitration provision, “that dispute goes to the arbitrator, as the parties agreed,” it said. But in any event, the arbitration agreement “plainly covers the claims” Whatley brings against T-Mobile “based on its alleged failure to protect his account from unauthorized access,” it said.
The March 21 decision in U.S. District Court for Southern California in San Diego granting Ford’s motion to dismiss a California Invasion of Privacy Act complaint is “relevant” to defendant Tonal Systems’ own motion to dismiss plaintiff Julie Jones’ CIPA class action in the same court for failure to state a claim on which relief can be granted (see 2308300028), said Tonal’s notice Tuesday (docket 3:23-cv-01267). Jones alleges Tonal, a maker of home gym equipment, violated the CIPA and the state’s Unfair Competition Law when it used software from a third-party vendor, Drift, to secretly eavesdrop on the private conversations of users of the chat features on Tonal’s website (see 2307110047). Tonal’s motion to dismiss was fully briefed, and the motion hearing was held Oct. 18, said the notice. Jones lacks a “viable statutory claim for wiretapping” under the CIPA, said Tonal’s motion to dismiss. In the Ford case, plaintiff Rebeka Rodriguez alleged that the automaker secretly enables and allows a third-party spyware company to eavesdrop on the private conversations of everyone who visits Ford’s website and communicates through its chat feature. She alleged that the spyware company then monetized that data by sharing it with other third parties, which used it to bombard the unsuspecting visitors with targeted marketing, all without their informed consent. The court construed Rodriguez's argument in her opposition to the motion to dismiss as declining to pursue a claim against Ford for direct liability under the first three clauses of the CIPA’s Section 631(a). It dismissed any such claim against Ford with prejudice because amendment would be futile.
Plaintiff Jane Doe and defendants Microsoft and Qualtrics don't agree on a discovery plan and timing for discovery in Doe’s privacy case, said their joint status report and discovery plan Tuesday (docket 2:23-cv-00718) in U.S. District Court for Western Washington in Seattle. Doe’s May complaint (see 2305160051), asserting claims of California’s Invasion of Privacy Act and Unfair Competition Law violations, alleges the defendants repeatedly and systematically violated Doe's and class members’ privacy by surreptitiously extracting private healthcare and other information from Kaiser members’ communications with the Kaiser website through tracking code and services provided by Microsoft and Qualtrics. Doe anticipates 15-20 trial days for completion of the case; defendants expect to try Doe’s individual claim in 7-10 days; if the case proceeds to trial as a class action, the trial “will be substantially longer,” said the defendants’ statement. Doe proposes that a trial date be set after class certification or for June 15, 2026, said the report. Since the defendants will contend a motion for class certification, they request deferral of a trial date until after a decision on class certification, it said. If the court requires an anticipated trial date now, defendants anticipate the case may be “trial ready” by Feb. 27, 2026. The parties don’t believe settlement discussions would be fruitful at this time, it said.
The parties in a privacy class action vs. NBCUniversal Media and Peacock TV don’t consent to conducting all further proceedings before a U.S. magistrate judge, including motions and trial, said a case management plan and scheduling order Monday (docket 1:23-cv-09433) from U.S. District Judge Vernon Broderick in U.S. District Court for Southern New York in Manhattan. The October lawsuit, brought by Amma Afriyie of Hamilton, Ohio, and Roy Campbell of Glens Falls, New York, alleges software development kits in NBC apps allow app and website developers to “surreptitiously collect and transmit data to third parties,” including viewing history and personally identifiable information (see 2310270060). The parties have not engaged in settlement discussions, said the order. No additional parties may be joined to the case, and no additional causes of action may be asserted after 30 days from the entry of the order “absent a showing of good cause.” Fact discovery is to be completed no later than April 15, 2025, and the case is to be tried to a jury, it said.
The plaintiffs’ opposition to Banner Health’s motion to dismiss their consolidated privacy complaint gives the "false impression” that Banner “surreptitiously discloses” the contents of their “actual medical communications or records to third parties” for profits, said Banner's reply Monday (docket 2:23-cv-00985) in U.S. District Court for Arizona in Phoenix in support of its motion to dismiss. The plaintiffs instead “conflate Banner’s public website with its patient portal,” the opposition said. Cheryl McCulley’s class action, combined with two similar actions in November (see 2311150002), allege Banner installed Meta Pixel and other tracking technologies on its website to “intercept” and send private information to third parties such as Facebook and Google without users’ “informed consent,” in violation of invasion of privacy common law, the Arizona Consumer Fraud Act and the Electronic Communications Privacy Act. But plaintiffs’ claims rely on generalized allegations of how they used Banner’s public website, how they received ads relating to their medical conditions after alleging they used the free public websites, and how a “hypothetical website visitor’s browsing activity may have been transmitted to Meta or other third parties,” said the opposition. Their allegations are “merely speculations about what happens when they intentionally search a public website for medical topics,” it said. Plaintiffs “fail to allege a single fact” about how the Pixel was configured on Banner’s patient portal, saying information available on the publicly accessible websites “stands in stark contrast to the personally identifiable patient records and medical histories protected by these statutes.”
The multidistrict litigation docket was prematurely “and incorrectly” closed March 14 for litigation against Comcast involving the Citrix data breach, said a joint status report (docket (2:23-cv-05092) in Nanez et al v. Comcast Friday in U.S. District Court for Eastern Pennsylvania in Philadelphia. The plaintiffs sued Comcast Dec. 21 for negligence; the class action was one of a dozen included in a January motion (see 2401120011) filed by plaintiff Kenneth Hasson with the Judicial Panel on Multidistrict Litigation, aiming to transfer and consolidate cases with similar allegations and claims arising out of the October data breach. A motion filed jointly by Comcast, Citrix and Hasson on March 14 to vacate that day's order closing the MDL docket and reinstating the MDL transfer motion was denied March 18, said the report. Thursday, Hasson filed a notice of unopposed motion to consolidate cases (see 2403220046); Alyssia Nanez is listed for potential consolidation within Hasson’s motion to consolidate cases, it said. The parties support the request for consolidation, it said.
Interested party Kenneth Hasson moved to consolidate 24 cases pending in the Eastern District of Pennsylvania against Comcast and/or Citrix involving Citrix's October data breach, said Hasson's unopposed motion Thursday (docket 2:24-cv-01198). Hasson requests that the court consolidate the two dozen actions and assign them to U.S. District Judge John Younge as the “already-assigned judge’ in 17 of the actions. The plaintiff moves to establish his case, the first-filed Hasson v. Comcast Cable Communications (docket 2:23-cv-05039), as the master docket for the consolidated cases. The cited rule 42(a) of the Federal Rules of Civil Procedure provides that when several actions involving common questions of law or fact are pending before a court, it's authorized to consolidate the actions to avoid unnecessary costs or delay, said the motion. The 24 cases involve an “array of shared common questions of law and fact" against defendants Comcast and/or Citrix on behalf of overlapping putative nationwide classes arising out of the breach by cybercriminals of internal Comcast systems and customer data, including plaintiffs’ personally identifiable information, which allegedly occurred because of a vulnerability in an on-premises Citrix product used by Comcast, said the motion. Litigation of the Comcast actions will require resolution of seven common issues: the cause, extent and scope of the data breach; defendants’ investigations into the breach; communications between Comcast and Citrix about the breach; defendants’ data security measures before the breach; actions taken to remedy the incident and the data security “deficiencies that led to it”; contractual obligations between the defendants; the adequacy of the notice of the breach; and harm stemming from it, the motion said. The motion proposed a standing order that any action subsequently filed, transferred or removed to the court that arises out of the same or similar operative facts as the consolidated action be consolidated with it for all pretrial purposes. Hasson proposes an order that plaintiffs file a single consolidated complaint no later than 45 days after an order appointing interim lead counsel is entered, it said. All parties support the request for consolidation. Hasson filed a reply in support for transfer and centralization of cases before the Panel on Multidistrict Litigation in February (see 2402050030).
Two negligence class actions involving Progress Software’s May MOVEit file transfer software data breach were transferred to In Re: MOVEit Customer Data Security Breach Litigation in conditional transfer order 35 (CTO-35), said a clerk’s order (docket 3083) Tuesday at the Judicial Panel on Multidistrict Litigation. Eric E. Eufusia v. Medical Eye Services (docket 8:24-cv-00432) was transferred from U.S. District Court for Central California and Werkmeister v. Wayne Bank (docket 3:24-cv-00254 ) was transferred from U.S. District Court for Middle Pennsylvania. The order is stayed for seven days pending any notices of opposition, the order said. Since five actions were transferred to the U.S. District Court for Massachusetts for coordinated or consolidated pretrial proceedings Oct. 4, 216 additional actions have been transferred to the court and assigned to U.S. District Judge Allison Burroughs for Massachusetts in Boston, it said.
A social media vlogger with a career-related YouTube channel is suing an individual for fraudulently creating a domain name under his name and posting intimate photos of him for public viewing, said the vlogger's complaint Friday (docket 5:24-cv-01621) in U.S. District Court for Northern California in San Jose. Plaintiff Cory Liguore, of Pleasanton, California, previously owned and used an account on the video chat and dating app, Fuzz, on which he would “only stream to public audiences or to private individuals by invitation only,” said the complaint. Liguore also owned and used an educational YouTube channel under his name, it said. Liguore alleges defendant Kendall Simmons, “primary decision-maker” for 7+6 Management,” is responsible for “the use and public dissemination of” Liguore’s name, likeness, intimate photos from Liguore’s Fuzz account, and personal information from Liguore’s LinkedIn account and YouTube channel -- without the plaintiff’s notice or consent – to create websites on which Simmons “impersonates” Liguore and posts intimate photos of him “for any person in the public to view.” The defendants are responsible for using “coryliguore.com” as the domain name on which the fraudulent activities occurred, the complaint said. Liguore was dismissed by his employer on Nov. 13 under his employer’s belief Liguore had posted intimate photos of himself, the complaint said. The day Liguore was fired was the first day he became aware of any use of his name, intimate photos, or personal information on any website created by the defendants, it said. Liguore has suffered “severe emotional and physical stress” as a result of the discovery and publication of the website, which has violated his privacy, and from the loss of his job, it said. On Nov. 18, after filing a police report, Liguore filed a request with Google to remove the domain name and website from search results relating to his name, “because it was using his name and information without his knowledge or consent"; Google complied, said the complaint. The Pleasanton Police Dept. convinced Wix.com, the domain registrar, to take the website down and cease domain services for coryliguore.com, it said. Wix.com also identified the owner and creator of coryliguore.com as Kendall Simmons from Villa Park, Illinois, it said. Liguore asserts claims of cyberpiracy protection for individuals, cyber piracy, civil harassment, disorderly conduct and cyber exploitation, intentional and negligent infliction of emotional distress, and unfair competition. He requests preliminary and permanent injunctions, a transfer of the domain to himself, an award of statutory and other monetary compensation, plus attorneys’ fees and costs.
The Arkansas Local Police and Fire Retirement System (docket LOPFI) opposes conditional transfer order 34 (CTO-34) in In Re: MOVEit Customer Data Security Breach Litigation, said its notice of opposition (docket 3083) Thursday before the Judicial Panel on Multidistrict Litigation. Arkansas Local Police and Fire Retirement System vs. Pension Benefit Information (docket 4:24-cv-00168), filed Dec. 21 in Circuit Court of Pulaski County, Arkansas, and removed Feb. 26 to the Eastern District of Arkansas, alleges PBI failed to protect and keep secure confidential information provided by LOPFI in Progress Software’s May data breach.