Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: Supreme Court

Posted in Privacy & Security Litigation

U.S. Supreme Court Takes Microsoft Corp. v. United States in Law Enforcement Access Row

Last Monday, the Supreme Court granted certiorari in the Microsoft search warrant case, a case in which Microsoft challenged the U.S. government’s right to use the warrant process to obtain certain emails stored overseas. Some view the upcoming decision as signaling the level of access the U.S. government will have to the growing troves of data U.S.-based technology companies hold about citizens of the world. And regulators in the EU and other jurisdictions may view a reversal of the Second Circuit decision as a negative factor when considering the protections the U.S. government afford their citizens’ data. The case was previously decided twice in Microsoft’s favor in the Second Circuit, which declined to grant en banc review by a 4-4 decision.

Posted in Consumer Privacy, Privacy & Security Litigation

The Ninth Circuit Revives Consumer Class Action, Finding Intangible Harm Sufficient to Confer Article III Standing

The six-year fight over the type of harm a plaintiff must allege to satisfy the “injury in fact” requirement for lawsuits alleging false reporting of credit information took its latest turn this week. On Tuesday, August 15, 2017, the U.S. Court of Appeals for the Ninth Circuit, on remand from the United States Supreme Court, issued its opinion- hyperlink to the opinion] in Spokeo, Inc. v. Robins, a highly-watched case challenging whether a plaintiff can satisfy Article III standing based solely on a technical violation of the Fair Credit Reporting Act. Plaintiff Thomas Robins brought a putative class action for willful violations of the FCRA against Spokeo, Inc., a company that generates profiles about people based on publicly available data. Among other things, Robins averred that Spokeo published an allegedly inaccurate profile about him on its website and therefore harmed his employment prospects at a time when he was out of work. The Ninth Circuit’s three-judge panel held that the publication of materially inaccurate information about Robins sufficed as concrete injury for purposes of Article III standing, even without specific allegations of tangible harm from that publication.

Posted in Privacy & Security Litigation

Supreme Court to Hear Location Privacy Case

On Monday, the Supreme Court granted certiorari in Carpenter v. United States, a Sixth Circuit case that provides the Court with the opportunity to clarify whether individuals have a reasonable expectation of privacy in location data shared with electronic communications service providers. Specifically, the Court will consider whether the Fourth Amendment requires law enforcement to obtain a warrant for the search and seizure of wireless carriers’ cell phone data that reveals the cell phone user’s location over the course of several months; or whether such location information falls within the long-recognized “third-party doctrine” exception to Fourth Amendment protections. A definitive Supreme Court holding on these issues could clarify presently muddled case law surrounding cell-site tracking data and perhaps inform judicial interpretations of privacy torts and other issues related to the collection, use, and sharing of location data.

Posted in Consumer Privacy, Privacy & Security Litigation

Justices Rule That Injury In Fact Must Be Concrete, Requiring More Than A Statutory Violation

On Monday, May 16, 2016, the Supreme Court of the United States issued its highly anticipated opinion in Spokeo, Inc. v. Robins, a case that examined the question of whether a plaintiff who sued for a technical violation of the Fair Credit Reporting Act could maintain Article III standing for a class action without claiming any real-world injury. The case before the Court involved a putative class action brought against petitioner Spokeo, Inc., a company that generates profiles about people based on information obtained though computerized searches. Respondent Thomas Robins was one of the people with a profile on Spokeo’s website. According to Robins, the information on that profile was inaccurate. Robins filed a class-action complaint against Spokeo in federal court, alleging violations of the FCRA, which requires consumer reporting agencies to “follow reasonable procedures to assure maximum possible accuracy of” consumer reports. The Ninth Circuit held that by alleging the violation of a statutory right Robins had satisfied the injury-in-fact requirement of Article III standing.

Posted in Consumer Privacy, Privacy & Security Litigation

Supreme Court Standing Case Has Implications for Privacy Litigation

On February 26, the U.S. Supreme Court ruled in Clapper v. Amnesty International that a group of U.S. citizens and U.S.-based organizations did not have standing to challenge the constitutionality of a provision of the Foreign Intelligence Surveillance Act (FISA) that allows the U.S. Government to monitor the electronic communications of non-U.S. persons located on […]

Posted in Consumer Privacy

Supreme Court Agrees to Hear Geolocation Privacy Case

The Supreme Court on June 27 granted certiorari in a geolocation tracking case that could have implications for companies that incorporate location-tracking features into their products or that monitor the locations of their employees for asset-tracking or business-productivity purposes.

Posted in Health Privacy/HIPAA

Supreme Court Strikes Down Prescription Data-Mining Ban

The U.S. Supreme Court struck down today a Vermont law prohibiting pharmaceutical companies from buying or using prescription data for marketing. The decision, Sorrell v. IMS Health, holds that the state law prohibiting the sale or disclosure for marketing purposes of prescription data that identifies prescribers (but not patients) is an unconstitutional infringement on the free speech rights of pharmaceutical and data mining companies.

Posted in Health Privacy/HIPAA

Is Access to Prescriber-Identifiable Data Protected as Free Speech?: The Supreme Court Hears Oral Arguments in Sorrell v. IMS Health

On April 26, the Supreme Court heard oral arguments in Sorrell v. IMS Health – the first case heard by the Court that considers the limitations that a state may put on mining health data for commercial purposes. Specifically, this case raises the issue of how the government regulation of data mining practices impacts both the privacy rights of individuals and the speech rights of companies – both data mining companies and their customers.