-
April 30, 2026
FLINT, Mich. — A Michigan state court judge granted final approval to a $14 million class action settlement resolving consolidated federal and state litigation alleging that McLaren Health Care Corp. failed to protect patients’ personally identifiable and protected health information in two ransomware-related data breaches in 2023 and 2024, awarding class counsel $4.67 million in attorney fees and approving service awards of $1,500 for each of the 11 named plaintiffs.
-
April 29, 2026
WASHINGTON, D.C. — Unanimously reversing a Third Circuit U.S. Court of Appeals ruling, the U.S. Supreme Court on April 29 held that pregnancy center operator First Choice Women’s Resource Centers Inc.has standing to challenge a subpoena from New Jersey’s attorney general in federal court because “First Choice has established a present injury to its First Amendment associational rights.”
-
April 29, 2026
SHERMAN, Texas — A Texas federal judge granted final approval to a settlement of a data breach class action suit brought against a mortgage and property services company for a breach of its data in 2023 by cybercriminals who gained access to personally identifiable information (PII) belonging to nearly 3,000 current and former employees and customers, plus more than $137,000 in attorney fees and costs.
-
April 29, 2026
CARTHAGE, N.C. — A North Carolina state court judge granted final approval of a class action settlement in a data breach suit alleging that a radiology practice failed to safeguard patients’ personally identifiable information, which led to the data breach impacting more than 8,000 class members, finding “fair, reasonable, and adequate” the terms of the claims-made settlement which provides, among other things, that the practice pay $100,000 in attorney fees and expenses to class counsel.
-
April 29, 2026
RIVERSIDE, Calif. — A California federal judge dismissed a putative class action suit against Paramount Skydance Corp. and Pluto Inc. alleging that they unlawfully collected and disclosed minors’ personally identifiable information to third parties, including Alphabet Inc. (Google) and Microsoft Corp., in violation of federal and state privacy laws, finding that the parents who sued on behalf of their minor children failed to establish standing under Article III of the U.S. Constitution.
-
April 28, 2026
BOSTON — A Massachusetts federal judge granted motions filed by higher education associations and a group of private colleges seeking preliminary injunctive relief, extending an earlier injunction barring enforcement of the U.S. Department of Education’s (DOE) admissions data reporting requirement in an Administrative Procedure Act (APA) challenge brought by 17 states, after finding that the intervenors raised substantially identical claims that the agency action was arbitrary and capricious, exceeded statutory authority and was adopted without observance of required procedures.
-
April 28, 2026
WASHINGTON, D.C. — For two hours on April 27, the U.S. Supreme Court heard oral argument in a lawsuit over whether a geofence warrant that enabled police to obtain cell phone location evidence from a technology provider violated the Fourth Amendment of the U.S. Constitution, with both sides stressing the breadth of the issues the high court could address in the case.
-
April 24, 2026
SAN JOSE, Calif. — A California federal magistrate judge granted a request to proceed anonymously by a Jane Doe plaintiff seeking to represent “Jeffrey Epstein survivors” whose personally identifiable information was disclosed by the U.S. Department of Justice (DOJ) in her putative class action against the United States and Google LLC for violating federal privacy laws and California’s unfair competition law (UCL).
-
April 22, 2026
PASADENA, Calif. — Writing that an appeal brought by individuals seeking to intervene in a class action settlement with Google “presents an example of ‘too little, too late’ for would-be class action intervenors,” a Ninth Circuit U.S. Court of Appeals panel affirmed a district court’s denial of intervention and held that the absent class members’ attempt to enter the case to preserve appellate review of the denial of a damages class was untimely because it came years after that ruling and on the eve of settlement approval and would prejudice the parties by likely unraveling the negotiated injunctive relief settlement.
-
April 22, 2026
TAMPA, Fla. — A Florida federal judge granted final approval of a $650,000 data breach class settlement against a beverage company, certifying a nationwide class and awarding one-third in attorney fees over the company’s objection, after earlier denying preliminary approval and requiring the plaintiff to cure deficiencies in the settlement papers in a case arising from a cyberattack that allegedly exposed employees’ personal information.
-
April 21, 2026
WASHINGTON, D.C. — The U.S. Supreme Court on April 21 heard oral argument in consolidated cases in which Verizon Communications Inc. and AT&T Inc. assert constitutional challenges to the Federal Communications Commission’s enforcement of monetary forfeitures under the Communications Act, arguing that the FCC’s forfeiture orders are unlawful because they impose monetary penalties without a jury trial.
-
April 21, 2026
WASHINGTON, D.C. — A California man requested the U.S. Supreme Court to reverse a Sixth Circuit U.S. Court of Appeals ruling that he is not a “‘consumer’” under the Video Privacy Protection Act (VPPA), arguing that the appellate court added an audiovisual limitation to the statute’s definition amid a circuit split over whether the VPPA applies to all goods or services offered by a video tape service provider (VTSP) or only to its audiovisual offerings in cases alleging that website operators disclosed users’ video-viewing activity and identifying information to third parties through tracking technologies.
-
April 20, 2026
NEW YORK — A New York federal judge denied Cable News Network’s (CNN) motion to dismiss a proposed class action alleging unlawful web tracking under the California Invasion of Privacy Act (CIPA), holding that the website user who brought the case plausibly alleged a concrete privacy injury where third-party trackers collected and linked user data to identifiable profiles sold to advertisers, and that such tracking technologies are not exempt from liability at the pleading stage.
-
April 14, 2026
WASHINGTON, D.C. — Motions for a preliminary injunction were filed in a District of Columbia federal court in three actions brought by political advocacy groups pursuant to a coordinated briefing schedule, seeking to enjoin overlapping provisions of a March executive order issued by President Donald J. Trump requiring federal agencies to compile state-specific citizenship lists and directing the U.S. Postal Service (USPS) to condition the transmission of mail-in voting ballots on federally derived eligibility criteria.
-
April 13, 2026
RICHMOND, Va. — A divided en banc Fourth Circuit U.S. Court of Appeals on April 10 vacated a trial court’s April 2025 preliminary injunction — an injunction that was stayed by the U.S. Supreme Court in June 2025 — in a suit by a union and two groups representing a combined 7 million Americans who challenged access to Social Security Administration (SSA) records provided to individuals working for U.S. DOGE Service and U.S. DOGE Service Temporary Organization(together, DOGE).
-
April 13, 2026
WASHINGTON, D.C. — In consolidated cases before the U.S. Supreme Court in which Verizon Communications Inc. and AT&T Inc. assert constitutional challenges to the Federal Communications Commission’s enforcement of monetary forfeitures under the Communications Act, Verizon and AT&T on April 13 filed a reply brief, arguing that the FCC’s forfeiture orders are unlawful because they impose monetary penalties without a jury trial.
-
April 10, 2026
PHILADELPHIA — A federal judge in Pennsylvania granted a joint motion to transfer a consolidated class lawsuit over an October 2025 breach of University of Pennsylvania’s (UPenn) Department of Alumni Relations (DAR) systems and a fall 2025 data breach of Oracle Corp.’s E-Business Suite (Oracle EBS) to Texas where there is a consolidated data breach action pending against the trustees of UPenn and others related to the Oracle EBS breach.
-
April 10, 2026
LOS ANGELES — The National Collegiate Athletic Association (NCAA) and Turner Sports Interactive Inc. asked a California federal court to stay a proposed class action alleging unlawful web tracking under the California Invasion of Privacy Act (CIPA) pending the Ninth Circuit U.S. Court of Appeal’s forthcoming decision in Drummer v. CoStar Grp., Inc., which is expected to clarify whether similar third-party tracking allegations establish Article III standing and could be dispositive of the present action.
-
April 10, 2026
BUFFALO, N.Y. — A New York federal judge granted in part a criminal defendant’s motion seeking access to jury records containing personally identifiable information (PII) to challenge the composition of the petit jury, holding that the defendant demonstrated a need for such data and that limited disclosure of names, addresses and dates of birth will be subject to a forthcoming protective order.
-
April 10, 2026
SAN FRANCISCO — A New York man filed a class complaint in a federal court in California seeking monetary and equitable relief for a putative class of former contract workers and customers of a San Francisco-based artificial intelligence hiring startup whose data was allegedly stolen due to a supply chain attack.
-
April 08, 2026
BOSTON — A Massachusetts federal judge granted in part a preliminary injunction barring the U.S. Department of Education (DOE) from enforcing a new higher education information survey against 17 plaintiff states, holding in an Administrative Procedure Act (APA) challenge that the agency’s decision to require colleges to report detailed, disaggregated admissions data for potential civil rights enforcement was likely arbitrary and capricious because it was implemented on an unexplained 120-day timeline without adequately addressing public comments or considering reasonable alternatives.
-
April 08, 2026
GREENSBORO, N.C. — A North Carolina federal judge granted in part and denied in part a shoe retailer’s motion to dismiss a putative class action lawsuit brought against it by two people who claim that their personally identifiable information (PII) was divulged when cybercriminals accessed an email account belonging to an employee of the retailer, finding that the plaintiffs plausibly alleged standing but agreeing to dismiss their claim for breach of bailment.
-
April 08, 2026
CHICAGO — Ruling on three consolidated appeals regarding whether an amendment to the Illinois Biometric Information Privacy Act (BIPA) limiting recovery to a single violation applies retroactively to cases pending when the amendment was enacted, the Seventh Circuit U.S. Court of Appeals reversed and remanded lower court rulings holding that the amendment applies prospectively only, finding that the amendment applies retroactively to the cases pending at the time it was enacted because it “impacts only the statutory damages available to plaintiffs.”
-
April 07, 2026
WASHINGTON, D.C. — The National Association for the Advancement of Colored People (NAACP) and other advocacy groups filed suit in a Washington, D.C., federal court challenging as unconstitutional President Donald J. Trump’s March 2026 executive order requiring federal agencies to compile state-specific citizenship lists and directing the U.S. Postal Service (USPS) to condition the transmission of mail-in voting ballots on federally derived eligibility criteria; complaints challenging the executive order were also filed by the Democratic Senatorial Campaign Committee (DSCC) and the League of Women Voters of Massachusetts.
-
April 07, 2026
NEW YORK — Finding that the U.S. Office of Personnel Management (OPM) and the Department of Government Efficiency (DOGE) failed in “their burden of demonstrating that continued sealing of the DOGE Agents’ identities is necessary to preserve a higher value,” a New York federal judge granted a motion filed by unions and related parties to unseal the names of 16 DOGE agents in a suit alleging that DOGE violated the Privacy Act and the Administrative Procedure Act (APA) by accessing personnel records maintained by the OPM.