Litigation

An Illinois federal court has dismissed a proposed class action alleging X Corp. violated the state’s Biometric Information Privacy Act (“BIPA”) through its use of PhotoDNA software to create “hashes” of images to scan for nudity and related content. The court held that Plaintiff failed to allege that the hashes identified photo subjects and therefore failed to allege that the hashes constituted biometric identifiers. Martell v. X Corp., 2024 WL 3011353, at *4 (N.D. Ill. June 13, 2024).

BIPA prohibits private entities from collecting or capturing “a person’s or a customer’s biometric identifier or biometric information” without first obtaining the subject’s informed consent, among other requirements. 740 ILCS 14/15(b). BIPA defines “biometric identifier” as “a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry” and defines “biometric information” as any information “based on an individual’s biometric identifier used to identify an individual.” 740 ILCS 14/10.

In dismissing the complaint, the court agreed with X’s arguments that Plaintiff failed to plausibly allege (1) that the PhotoDNA software collects scans of facial geometry and (2) that the hashes identified photo subjects. First, the court rejected Plaintiff’s “conclusory” assertion that the creation of a hash from a photo that includes a person’s face “necessitates” creating a scan of facial geometry, saying, “The fact that PhotoDNA creates a unique hash for each photo does not necessarily imply that it is scanning for an individual’s facial geometry when creating the hash.” Id. at *2. The court distinguished Plaintiff’s allegation from those that withstood dismissal in a different case in which the plaintiff alleged that scans of photos “located her face and zeroed in on its unique contours to create a ‘template’ that maps and records her distinct facial measurements.” Id. at 3 (quoting Rivera v. Google Inc., 238 F. Supp. 3d 1088, 1091 (N.D. Ill. 2017)).Continue Reading Illinois Federal Court Dismisses BIPA Suit Against X, Holding “Biometric Identifiers” Must Identify Individuals

The Supreme Court will soon decide whether to hear two cases that could dictate the future of climate change tort suits.  Such suits have proliferated in recent years: several dozen active cases assert state tort law claims—like nuisance, trespass, and strict liability—against oil and gas companies for fueling and misleading

Continue Reading Supreme Court Receives Filings with Key Implications for Climate Change Tort Suits

The Northern District of Illinois recently denied certification to several proposed classes of purchasers of a seizure drug called Acthar in City of Rockford v. Mallinckrodt ARD, Inc., No. 3:17-cv-50107, 2024 WL 1363544 (Mar. 29, 2024).  Class plaintiffs had alleged that defendant Express Scripts, a drug distributor, conspired with

Continue Reading Court Denies Class Certification in Antitrust Case Based on Expert’s Reliance on Unsupported Assumptions in Damages Model

Only one claim survived dismissal in a recent putative class action lawsuit alleging that a pathology laboratory failed to safeguard patient data in a cyberattack.  See Order Granting Motion to Dismiss in Part, Thai v. Molecular Pathology Laboratory Network, Inc., No. 3:22-CV-315-KAC-DCP (E.D. Tenn. Sep. 29, 2023), ECF 38.

Continue Reading All but One Claim in Pathology Lab Data Breach Class Action Tossed on Motion to Dismiss

This past week, co-defendants in a class action related to the theft of cryptocurrency engaged in their own lawsuit over alleged security failures.  IRA Financial Trust, a retirement account provider offering crypto-assets, sued class action co-defendant Gemini Trust Company, LLC, a crypto-asset exchange owned by the Winklevoss twins, following a

Continue Reading Litigation Between FinTech Companies Follows Class Action Over Cryptocurrency Theft

A recent class action refiled in federal court against Shopify highlights a growing trend of lawsuits against companies related to the theft of cryptocurrency, particularly as a result of internal company threats.  See Forsberg et al v. Shopify, Inc. et al, 1:22-cv-00436 (D. Del.).  Despite not itself being a
Continue Reading Companies Increasingly Facing Class Actions Connected to Cryptocurrency Theft

In a new post on the Inside Class Actions blog, our colleagues discuss a recent Fourth Circuit opinion holding that statements about the importance a company places on data security are not actionable following a data breach.  The case, In re Marriott International, Inc., — F.4th —-, No.
Continue Reading Fourth Circuit Holds Statements About Importance of Data Security Not Actionable