-
April 06, 2026
WASHINGTON, D.C. — A District of Columbia federal judge granted in part motions for summary judgment filed by Tesla Inc. and the National Highway Traffic Safety Administration in a Freedom of Information Act (FOIA) dispute with WP Company LLC d/b/a The Washington Post, which sought to compel disclosure of certain safety records for Tesla vehicles, finding that Tesla’s hardware and software version data and crash narratives qualify as confidential under a FOIA exemption because disclosure would cause competitive harm but that the court cannot conclude NHTSA met its burden to show harm if the operational design domain (ODD) data is disclosed.
-
April 06, 2026
WASHINGTON, D.C. — Granting the FBI’s petition for a writ of certiorari in a state secrets privilege case about governmental surveillance and religious discrimination, the U.S. Supreme Court in its April 6 orders list vacated the challenged judgment and instructed that the case be remanded “to the district court for reconsideration in light of recent factual developments pertinent to this case and the government's motion to dismiss.”
-
April 03, 2026
WASHINGTON, D.C. — As oral argument approaches in a U.S. Supreme Court case where the petitioner was convicted of armed robbery through cell phone location evidence obtained through a geofence warrant that he argues was unconstitutional, the U.S. government filed a merits brief contending in part that the petitioner’s “dramatic expansion of the Fourth Amendment would stifle developments in . . . evolving areas of law and handicap the investigation of major crimes,” and amici curiae including local government organizations made similar arguments.
-
April 03, 2026
PITTSBURGH — Relying on the August opinion in Cook v. Gamestop, a Third Circuit U.S. Court of Appeals panel determined that a website user failed to allege a concrete injury to establish Article III standing, vacated a Pennsylvania federal court’s judgment and ordered the website user’s state wiretapping claim against Harriet Carter Gifts Inc. remanded to state court, holding that her alleged online browsing activity did not involve the transmission of sensitive or personal information required to establish a cognizable injury and “involved only routine conduct.”
-
April 02, 2026
ST. LOUIS — A Missouri federal judge ruled that customers whose personally identifiable information (PII) was compromised in a 2024 data breach sufficiently alleged Article III standing in a consolidated amended class action complaint, but dismissed their claims without prejudice for failure to state a claim, compelled arbitration for two named individuals based on loan-related agreements and denied without prejudice arbitration as to two others due to a factual dispute.
-
April 02, 2026
SAN JOSE, Calif. — An alleged victim of convicted sex offender Jeffrey Epstein filed a motion in California federal court seeking a protective order to proceed under a pseudonym in her putative class suit alleging that U.S. Department of Justice violated the Privacy Act by wrongfully disclosing her personally identifiable information and that of other victims of Epstein when releasing files pursuant to the Epstein Files Transparency Act and that Google LLC continues to republish that information.
-
April 02, 2026
OAKLAND, Calif. — Deeming the proposed settlement “fair, adequate, and reasonable,” a California federal judge approved a settlement in a consolidated class action lawsuit over Google LLC’s purported data sharing via its real-time bidding (RTB) and granted in part the plaintiffs’ motion for attorney fees, costs and service awards, applying the lodestar method to assess attorney fees due to the “speculative” nature of the plaintiffs’ evidence regarding the success of the injunctive relief sought.
-
April 01, 2026
WASHINGTON, D.C. — A federal judge in the District of Columbia on March 31 denied summary judgment to both sides — unions and nonprofits and federal government agencies — as to Administrative Procedure Act (APA) claims in a case over U.S. Digital Service and U.S. DOGE Service Temporary Organization (together, DOGE) personnel’s right to access U.S. Department of Labor (DOL) records, finding that “real disputes over facts foundational to plaintiffs’ APA claims . . . persist.”
-
April 01, 2026
CHICAGO — A federal judge in Illinois held that claim preclusion does not apply to a lawsuit seeking indemnification from an insurer for an underlying $20 million settlement arising from a class action lawsuit alleging the insured violated the Illinois Biometric Information Privacy Act (BIPA), further finding that although the policy’s access or disclosure exclusion applies to the underlying class action, there are genuine disputes of material facts as to the plaintiffs’ mend-the-hold and waiver arguments that may prevent the insurer from raising the exclusion.
-
April 01, 2026
SAN FRANCISCO — A Ninth Circuit U.S. Court of Appeals panel unanimously denied an objector’s petition for rehearing en banc of its decision affirming a district court order granting final approval of a $115 million class action settlement resolving claims that Oracle America Inc. unlawfully tracked and monetized users’ online activity, noting that no judge requested a vote after the full court was advised of the petition.
-
March 26, 2026
KANSAS CITY, Kan. — A U.S. magistrate judge in Kansas on March 25 amended a protective order governing the use of AI tools in chemical injury litigation, stating that any party that wishes to use an AI tool in connection with discovery materials must, prior to using the tool, provide written notice of its intent to use the tool because submission of discovery materials to an open AI tool may violate U.S. data privacy laws as well as strict disclosure rules under the European General Data Protection Regulation (GDPR).
-
March 26, 2026
WARWICK, R.I. — A Rhode Island state judge granted final approval of a $2.9 million class action settlement that resolves claims alleging that a health care provider failed to protect patient data from a 2024 ransomware attack; the class action settlement also provides service awards of $4,000 for each class representative and attorney fees of nearly $1 million.
-
March 26, 2026
BALTIMORE — A Maryland appellate panel affirmed summary judgment in favor of a health care provider in a suit alleging that its website’s embedded tracking code unlawfully disclosed patient data, holding that the Maryland Electronic Surveillance Act’s definition of communication does not include the transmission of metadata such as IP addresses, cookie values and URL information.
-
March 25, 2026
WASHINGTON, D.C. — Writing that the lower courts “have yet to settle on a consistent standard” for Article III standing in data breach cases, an insurance group and its subsidiaries petitioned the U.S. Supreme Court for a writ of certiorari, arguing that the Fourth Circuit U.S. Court of Appeals improperly expanded standing in a data breach class action by allowing a pair of plaintiffs to proceed based on the alleged disclosure of nonsensitive personal information by a third-party hacker, creating circuit splits and warranting review.
-
March 24, 2026
PORTLAND, Maine — A federal judge in Maine on March 23 opined that a putative class complaint that accuses the U.S. Department of Homeland Security and its various agencies of violating the constitutional rights of Maine residents by collecting their biometric and personal data while they are observing and recording public immigrant enforcement operations “raises serious constitutional issues” but declined to issue a temporary restraining order (TRO) as the plaintiffs failed to sufficiently show a likelihood that they will succeed on the merits of their claims.
-
March 24, 2026
SAN JOSE, Calif. — A California federal judge granted a motion for preliminary approval of a $68 million settlement of a group of plaintiffs’ putative class claims against Google LLC and Alphabet Inc. (collectively Google) for allegedly eavesdropping on Google Assistant (GA) users in violation of California’s unfair competition law (UCL) and privacy laws.
-
March 23, 2026
WASHINGTON, D.C. — The Federal Communications Commission and the U.S. government on March 20 filed their response in the U.S. Supreme Court in consolidated cases where Verizon Communications Inc. and AT&T Inc. assert constitutional challenges to the FCC’s enforcement of monetary forfeitures under the Communications Act.
-
March 20, 2026
GREENVILLE, S.C. — A South Carolina federal judge granted final approval to a $7.75 million class action settlement resolving claims that a financial services company and its affiliated lending subsidiaries failed to safeguard consumers’ names and Social Security numbers in a February 2023 data breach.
-
March 19, 2026
WILLIAMSPORT, Pa. — A Pennsylvania federal judge granted final approval of a $5 million settlement agreement between a Pennsylvania health care provider and its tech services vendor who were sued over a 2023 data breach, while separately approving $2,000 service awards for each of the named plaintiffs.
-
March 19, 2026
HOUSTON — A Texas federal judge adopted a magistrate judge’s memorandum and recommendation advising denying dismissal for lack of standing of a motion filed by a utility company and third-party benefits administrator in a putative class action against them and an employee benefit plan services company for failure to secure personally identifiable information (PII) in a data breach, finding that some of the plaintiffs sufficiently alleged injury from identity thefts to establish standing.
-
March 19, 2026
KNOXVILLE, Tenn. — A Tennessee federal judge granted final approval of an $807,500 class action settlement resolving consolidated claims that a restaurant franchisee failed to safeguard employees’ personally identifiable information (PII), resulting in a January 2023 data breach that exposed the data of more than 100,000 current and former workers.
-
March 17, 2026
SAN FRANCISCO — A California federal judge approved the cy pres distribution of $122,101.51 in remaining funds to a nonprofit consumer advocacy organization from a $27.5 million settlement of a class action over Thomson Reuters Corp.’s online gathering and sale of personally identifiable information (PII) of Californians, holding that the nonprofit has the requisite nexus to the privacy claims asserted on behalf of the class.
-
March 17, 2026
WASHINGTON, D.C. — As merits briefing continues in a case where the petitioner was convicted of armed robbery through cell phone location evidence obtained through a geofence warrant that he argues was an unconstitutional violation of the Fourth Amendment to the U.S. Constitution, the latest batch of amicus curiae briefs comes from entities that say they support neither party, including Microsoft Corp. and software and computer industry associations.
-
March 16, 2026
NEW YORK — A video game distributor will pay $2.72 million to settle a class action complaint alleging that it sent personally identifiable information to Facebook and other third parties without its users’ knowledge or consent in violation of the Video Privacy Protection Act (VPPA) after a New York federal magistrate judge gave final approval to the settlement agreement.
-
March 13, 2026
LOS ANGELES — A California federal judge granted final approval of a class action settlement resolving allegations that a corporation violated the Illinois Right of Publicity Act (IRPA) by displaying individuals’ personally identifiable information (PII) in seven-day free trials of its data aggregation products, which the plaintiffs contended were used to market paid subscriptions; the settlement provides injunctive relief barring the use of Illinois class members’ PII in free trials, includes $2,500 service awards for two class representatives and $492,500 in attorney fees and costs.