The court should maintain the stay in a privacy case until defendant Hey Favor’s bankruptcy proceedings are complete, said the other defendants in their Monday opposition (docket 3:23-cv-00059) to plaintiff “Jane Doe’s” motion to lift a stay (see 2306070053) in her privacy class action in U.S. District Court for Northern California in San Francisco. The court automatically stayed Doe v. Hey Favor in April, when Hey Favor filed a voluntary petition for Chapter 11 bankruptcy protection (see 2304280021). Plaintiff Doe alleges Hey Favor knowingly and intentionally sent personally identifiable information about her medical history to Meta, TikTok, and analytics company FullStory. This month, Doe moved to voluntarily dismiss Hey Favor from her privacy claims, saying her plan would allow the case to proceed “expeditiously,” without imposing liability on, or interfering with, Favor’s bankruptcy proceedings (see 2306070053). Defendants said Monday that potential prejudice to or burden on Hey Favor is only one complication in allowing Doe’s claims to go forward: “Plaintiff’s plan fails to address the judicial efficiency problems that could arise with piecemeal litigation” and potential burden on the remaining defendants -- and the plaintiff -- in seeking discovery from a debtor if the complaint were to survive motions to dismiss, it said.

Two wiretapping actions pending in the Western District of Missouri were transferred to BPS Direct and Cabela's Wiretapping Litigation in the Eastern District of Pennsylvania, said a Thursday transfer order (MDL No. 3074) signed by U.S. Judicial Panel on Multidistrict Litigation Karen Caldwell. The two actions brought by plaintiff Arlie Tucker of St. Clair, Missouri, have common parties, identical claims and will present the same factual and legal issues, with Tucker alleging both companies’ use of session replay software constitutes “wiretapping” and violates state and federal law (see 2301180036). The JPML said that the actions involve common questions of fact and centralization in the Eastern District of Pennsylvania “will serve the convenience of the parties and witnesses and promote the just and efficient conduct of this litigation.” Plaintiffs in the putative class actions allege defendants’ use of session replay code that tracks and records the activities and data of all visitors to their websites violates state wiretap statutes, the Federal Wiretap Act, or both, plus claims under state consumer protection or data privacy statutes and common-law claims for invasion of privacy, intrusion upon seclusion or unjust enrichment. Defendants oppose centralization, arguing the actions will involve individualized factual inquiries on how each plaintiff interacted with defendants’ websites. The transfer doesn’t require a complete identity “or even majority of common factual issues as a prerequisite to transfer,” said JPML. Defendants BPS Direct and Cabela’s oppose centralization, requesting the Western District of Missouri as the transferee district, said the order. Defendants argued for deferral until after defendants’ pending motions to dismiss have been ruled on “and the viability of plaintiffs’ claims has been determined,” the order said. “These arguments are not persuasive,” said JPML, which has “routinely” centralized actions asserting similar claims under different state statutes where they involve common questions of fact. Three of the cases are pending in Pennsylvania. Cases are Moore v. BPS Direct in the Southern District of California, Montecalvo v. Cabela’s in Massachusetts, Tucker v. BPS Direct in Western District of Missouri, VonBergen v. BPS Direct in the Eastern District of Pennsylvania, and Cornell v. BPS Direct and Calvert v. Cabela’s in Western District of Pennsylvania. The case was assigned to U.S. District Judge Mark Kearney.

U.S. District Judge Manish Shah for Northern Illinois in Chicago granted the motion of Match Group and its four co-defendants in an Illinois Biometric Information Privacy Act complaint for a stay in the court-ordered transfer of the case to the Northern District of Texas, said a docket entry notification Wednesday (docket 1:22-cv-06924). The defendants asked for the stay until the court can resolve their motion for reconsideration of the transfer (see 2306140041). They based their motion to reconsider on the grounds that it was a “manifest error” for the judge to conclude that an Illinois small claims court can’t hear plaintiff Marcus Baker’s case, said the defendants.

U.S. District Court Judge Edward Davila granted (docket 5:22-cv-07069) Apple's proposed order to consolidate Puleo v. Apple with Apple Data Privacy Litigation, said a Wednesday filing in U.S. District Court for Northern California in San Jose. Puleo arises out of similar facts and circumstances as those alleged in the related cases, said the filing. Plaintiff Bruce Puleo’s privacy lawsuit alleges Apple tracks users’ mobile app activity in order to harvest their personal data, despite their explicit direction not to. Apple Data Privacy Litigation alleges Apple illegally records and collects data on consumers’ mobile app activity even when the tracking feature is disabled via a device’s privacy setting. Davila consolidated 15 related cases in March and another last month.

Match Group and its four co-defendants in the Illinois Biometric Information Privacy Act complaint brought by plaintiff Marcus Baker seek a stay in the court-ordered transfer of the case to the Northern District of Texas (see 2306010033) until the court can resolve the defendants’ motion for reconsideration of the transfer, said their motion to stay Tuesday (docket 1:22-cv-06924) in U.S. District Court for Northern Illinois in Chicago. Match Group unsuccessfully sought dismissal of the complaint so it could be heard in small claims court, but U.S. District Judge Manish Shah agreed with Baker that small claims court “isn’t the right place for this case,” choosing instead to transfer the case to the Northern District of Texas. The defendants’ motion to reconsider is based on the grounds that it was a “manifest error” for the judge to conclude that an Illinois small claims court can’t hear Baker’s case, it said. Granting a stay would permit the court to retain its jurisdiction over this case pending a ruling on the motion to reconsider, it said. It would also preserve judicial and party resources by avoiding a transfer and any “dual-track litigation” while this court considers “potentially dispositive arguments” in the motion to reconsider, it said.

Six plaintiffs in the privacy suit against Massachusetts Gov. Maura Healey (D) and Massachusetts Department of Public Health Commissioner Robert Goldstein oppose the defendants’ motion to dismiss their complaint (see 2305240045), said their opposition Tuesday (docket 3:22-cv-11936) in U.S. District Court for Massachusetts in Springfield. The plaintiffs allege DPH secretly installed, without either consent or legal authority, a COVID-19 contact-tracing app on more than a million Android devices, in clear violation of constitutionally protected privacy and property rights. The plaintiffs adequately stated claims under the Fourth Amendment and the Fifth Amendment’s takings clause, said their opposition. The state’s voluntary cessation of the MassNotify program doesn’t moot those claims, it said. The court should reject the defendants’ “implausible and unsupported claim” that DPH had nothing to do with shutting down an app that it developed and still bears the agency’s name, it said. Shutting down the app was “voluntary cessation,” and the plaintiffs’ claims aren’t moot under that “exacting doctrine” because they fail to make it clear that the alleged wrongful behavior couldn’t reasonably be expected to recur, it said. The defendants received data that was “unconstitutionally collected” through the app, it said. The case isn’t moot when the court “can still provide relief by ordering deletion of the misbegotten data,” it said. The defendants don’t dispute that installations of the app “constitute trespass and privacy invasions in violation of the Fourth Amendment,” said the opposition. Their claim the DPH app doesn’t gather information about device owners is “contradicted by their admission to have received user data” through the app, it said. The defendants also wrongly contend that surreptitious installations of unwanted software “is not a Fifth Amendment taking because no one has a property interest in digital storage space on their privately owned mobile devices,” it said. The court “must reject this untenable position because its adoption would extinguish tangible property rights for hundreds of millions of Americans,” it said.

U.S. District Judge Vernon Broderick for Southern New York in Manhattan threatened to dismiss plaintiff Emma Mendoza’s Video Privacy Protection Act class action against Newsweek Digital for failure to prosecute if the parties fail to file a proposed joint case management plan and scheduling order by June 19, said his signed order Monday (docket 1:23-cv-00643). May 11 was Mendoza’s new deadline to oppose Newsweek Digital’s motion to dismiss, but Mendoza never filed an opposition or another extension request, said the order. The parties also ignored Broderick’s May 22 order to submit a joint letter and a proposed case management plan and scheduling order by June 5, it said. Mendoza’s Jan. 25 complaint alleges Newsweek Digital unlawfully tracks and discloses to Facebook its subscribers’ viewed video media and Facebook IDs without their consent (see 2301260043).

U.S. District Court Judge Marilyn Huff granted JetBlue’s motion to dismiss a privacy lawsuit for lack of subject-matter jurisdiction, said her Monday order (docket 3:23-cv-00361) in U.S. District Court for Southern California in San Diego. Last month, Huff continued the hearing on the airline’s motion to dismiss the privacy complaint to June 26 (see 2305250064). "Plaintiff has failed to adequately allege that she suffered a concrete harm, and, therefore, Plaintiff has failed to satisfy the injury in fact element for Article III standing," said the judge. Plaintiff Anne Lightoller alleged JetBlue used session replay code from FullStory to record her mouse movements, clicks and keystrokes on its website, in violation of the California Invasion of Privacy Act (CIPA). Lightoller’s February complaint against JetBlue was one of 17 CIPA suits filed by her Hausfeld counsel in the previous seven months, “each pleading near verbatim identical facts based on various website operators’ alleged collection of innocuous data plaintiffs voluntarily provided online,” said JetBlue’s May 23 reply in support of its motion to dismiss. Lightoller voluntarily dismissed a similar complaint against Cheesecake Factory last month (see 2305110031).

U.S. District Court Judge Gonzalo Curiel granted the parties’ joint motions to consolidate four privacy class actions against Carnival cruise lines, said a Monday order (3:23-cv-00404) in U.S. District Court for Southern California in San Diego (see 2306090065). The four lawsuits claim violation of the California Invasion of Privacy Act. A review of the complaints shows all four cases are putative class actions brought by respective plaintiffs against the same defendant, “concerning the same alleged privacy rights violations” committed by Carnival in its use of computer code to record its visitors’ electronic communications, said the order. The related actions pending in Southern California district court are India Price v. Carnival (docket 3:23-cv-00236), Erica Mikulsky v. Carnival, (docket 3:23-cv-00404), Marilyn Hernandez v. Carnival (docket 3:23-cv-01034) and Ariel Oliver v. Carnival, (docket 3:23-cv-01036). A fifth case, brought by Daniel Rubridge in U.S. District Court for Massachusetts, was stipulated for a transfer to the Southern California federal court, but the order hasn’t been entered.

Plaintiffs Robert Alexander, David Vito, Michael Clancy and Mario Canario voluntarily dismissed their negligence and breach of contract lawsuit against Bristol Community College, said a Friday notice (docket 1:23-cv-11194) in U.S. District Court for Massachusetts in Boston. The May lawsuit (Ref:2306010061) alleged Bristol failed to invest in adequate data security, enabling hackers to exfiltrate their personally identifiable information during a December data breach.