Cybersecurity & Data Privacy

Lieff Cabraser’s Cybersecurity and Data Privacy practice group is nationally recognized, having won the National Law Journal’s 2019 Elite Trial Lawyers award for privacy and data breach litigation. Additionally, the practice group was named Law360’s 2017 Data Privacy Practice Group of the Year.

Privacy Faces its Greatest Challenge in the Digital Age

Today, much of our daily life is carried on through interactions in the digital world. We are in constant digital communication through texts, videos, photos, and audio, all often with digital location tags to places in the real world. We maintain our personal relationships digitally through online social media and email. We bank digitally. We pay for things at the store digitally. We entertain ourselves digitally. When we travel from place to place, we use a GPS device to get us there. And the digital world never blinks. There is a digital record of virtually every interaction we have with the world beyond our homes, and with the proliferation of so called “smart” devices, more and more often with what is going on inside our homes.

As a result, intrusions into our lives, whether on purpose or by accident, are inevitable, and the opportunity to share and profit from our most private and intimate personal information is unprecedented and nearly limitless. As our society reaps the benefits of technological innovation—smarter phones and appliances, savvier social media platforms, snappier apps, computing in the cloud—we must rise to the challenge to maintain traditional common law values of privacy and to protect our fundamental right to a private life.

Lawyers Dedicated to Preserving Privacy

Lieff Cabraser is committed to ensuring that the fundamental right to privacy is respected and endures even as technology evolves and society changes.

Our attorneys have the experience and technical expertise necessary to successfully litigate a comprehensive range of privacy claims. We represent individuals in precedent-setting cases against powerful technology, social media, healthcare, and entertainment companies, as we aim to reaffirm and enforce the privacy protections that the law provides to secure the most sensitive personal information of citizens here and around the world.

Significant Digital Privacy Lawsuits

  • In a series of child online privacy lawsuits, Lieff Cabraser represents parents, individually and on behalf of their minor children, in federal class action litigation against numerous online gaming app developers, including Disney, Viacom, and the makers of the vastly popular Subway Surfers app, and their marketing partners. Plaintiffs allege that these companies violate state privacy protection laws by exporting, exploiting, and monetizing children’s personal information from mobile games without parental consent, in violation of long-standing privacy norms. Lieff Cabraser also works with the Office of the Attorney General for the State of New Mexico in federal litigation against a foreign developer of child-directed apps and its marketing partners. This lawsuit alleges that the defendants’ collection of children’s data without adequate disclosures and verified parental consent violates New Mexico state law and the federal Children’s Online Privacy Act (“COPPA”). In May 2019 U.S. District Judge James Donato denied a motion to dismiss the case, rejecting the defendants’ argument that “secretly harvest[ing]” data about children’s online activities was insufficiently “offensive or egregious” to violate the law.
  • Lieff Cabraser represents users of Google’s operating system and mobile apps, including Google Maps, in litigation against Google for its surreptitious location tracking of millions of mobile device users. Google expressly represented to users that they could prevent the company from tracking and storing their location history by utilizing certain privacy settings on their devices. Plaintiffs allege that despite this representation, Google nonetheless collected data and stored their location information even when users attempted to protect this sensitive data by activating privacy settings on their devices.
  • Lieff Cabraser currently represents customers and patients whose personal information was stolen in two recent data breaches. In a case against Marriott International, Lieff Cabraser was appointed to the Plaintiffs’ steering committee in April 2019. The plaintiffs allege that Marriott was negligent and violated state consumer protection laws by failing to safeguard the personal information, including passport numbers, of customers who had stayed at Starwood hotels. In a case against Quest Diagnostics, LabCorp, and other blood testing laboratories related to a breach of sensitive medical information, Lieff Cabraser was appointed Co-Lead Counsel of the Quest litigation track in November 2019.
  • In Lieff Cabraser’s Google Street View case, the Ninth Circuit Court of Appeals held that federal privacy law applies to residential Wi-Fi networks. Following argument by Lieff Cabraser founding partner Elizabeth Cabraser, the holding was hailed as “a landmark decision for Internet privacy.” The Court rejected Google’s assertion that it could gather email messages, usernames, passwords, images, documents, and other personal information from individuals without their knowledge or authorization because data transmitted over a Wi-Fi network was a “radio communication” and was “readily accessible to the public.” Lieff Cabraser represents a class of United States residents whose unencrypted Wi-Fi data was intercepted by Google Street View vehicles between 2007 and 2010. In September 2019, the Court granted preliminary approval to a settlement requiring Google to destroy the data it collected and establish a $13 million settlement fund for the benefit of non-profit organizations that will commit to use the funds to promote the protection of Internet privacy. In granting preliminary approval, U.S. District Judge Charles Breyer commented that this is “significant litigation,” and “We are now into a whole unexplored, but sensitive, area dealing with privacy in the cyberworld . . . . [T]his is an area that will foment practices, litigation, jurisprudence, and I think it’s worthwhile.”
  • Lieff Cabraser represents plaintiffs in litigation against Facebook for allegedly scanning and intercepting users’ private email messages on its social network. Ruling on a motion to dismiss argued by practice group chair Michael Sobol, Judge Phyllis Hamilton stated: “An electronic communications service provider cannot simply adopt any revenue-generating practice and deem it ‘ordinary’ by its own subjective standard.” In May, 2016, the Court certified a class of Facebook users for purposes of pursuing injunctive relief. Following extensive discovery regarding Facebook’s business practices, the Court granted final approval to a settlement of the action in August 2017. An appeal is pending.
  • Lieff Cabraser represented plaintiffs in a digital privacy class action against Google over claims the Gmail service conducted unauthorized scanning of email messages to build marketing profiles and serve targeted ads without obtaining consent. The United States District Court for the Northern District of California granted final approval to a settlement of the action in February, 2018. Pursuant to the settlement, Google agreed that it will no longer scan the contents of emails sent to Gmail accounts for advertising purposes, whether during the transmission process or after the emails have been delivered to the Gmail user’s inbox.
  • Lieff Cabraser served on the Plaintiffs’ Steering Committee in litigation against health insurance giant Anthem, Inc., for Anthem’s failure to implement and abide by standard security protocols, which resulted in a massive 2015 data breach involving identifiable personal information and health information belonging to more than 79 million of Anthem’s members.  Because insurers like Anthem collect and store highly sensitive information as part of their business practices, they must ensure that such information is properly safeguarded and shielded from cybercriminals. In 2018, the Court granted final approval to a $115 million settlement of the action, which also required Anthem to implement rigorous cybersecurity measures.
  • Lieff Cabraser served as Chair of the Plaintiffs’ Executive Committee in consolidated class action litigation against Intuit arising out of its TurboTax service, used to file an estimated 30 million tax returns for American taxpayers every year. The complaint alleged that Intuit failed to take adequate precautions to prevent cybercriminals from filing thousands of fraudulent tax returns in the names of the plaintiffs and thousands of other individuals across America, including persons who never even purchased TurboTax. The court granted final approval to a settlement of the action in May 2019.
  • Lieff Cabraser served as Plaintiffs’ Interim Co-Lead Counsel in class action litigation against Sony for its failure to take reasonable measures to secure the data of its employees from hacking and other attacks. In 2014, hackers stole the personally identifiable information of thousands of current and former Sony employees and their families (including Social Security Numbers, addresses, salaries and other employment information, and medical information), and published some of the information on the Internet. In April 2016, the Court approved a class settlement that provides for up to $4.5 million to reimburse class members for their losses, and also provides class members with two additional years of identity protection services.
  • The unauthorized use of one’s name and image for commercial purposes can be as harmful to an individual as covertly obtaining private and personal information. Lieff Cabraser represented members of the professional social network LinkedIn in class action litigation challenging LinkedIn’s use of a service called Add Connections related to LinkedIn’s alleged failure to obtain its members’ consent to use their names and likenesses in Add Connection invitation emails to non-members. The Court granted final approval of a settlement in February 2016, which required LinkedIn to provide additional functionality to ensure user control of the use of their information and established a $13 million settlement fund.
  • Lieff Cabraser served as plaintiffs’ counsel in class litigation against Samsung, LG, Motorola, HTC, and Carrier IQ alleging the smartphone manufacturers violated privacy laws by installing tracking software, called IQ Agent, on millions of cell phones and other mobile devices that use the Android operating system. Without notifying users or obtaining their consent, IQ Agent tracks users’ keystrokes, passwords, apps, text messages, photos, videos, and other personal information and transmits this data to cellular carriers. In 2016, the Court granted final approval of a $9 million settlement plus injunctive relief provisions.
“We are now into a whole unexplored, but sensitive, area dealing with privacy in the cyberworld . . . . [T]his is an area that will foment practices, litigation, jurisprudence, and I think it’s worthwhile.”
–U.S. District Judge, September 2019, approving preliminary settlement in Lieff Cabraser’s Google Street View Litigation

Contact Us

Please use the form below to contact a digital privacy attorney at Lieff Cabraser. You can also call us toll-free at 1 800 541-7358. There is no charge or obligation for our review of your case. The information you provide will help us hold companies accountable for their failures to properly secure and protect personal user information in every sphere of modern life.


First Name (required)

Last Name (required)

Email address (required)

Street Address

City

State

Zip

Telephone Day

Telephone Eve

How did you find our site?

Are you currently represented by an attorney?

Comments or additional information:

Please sign me up for your Consumer Law newsletter. Yes


Lieff Cabraser’s Cases in Digital Privacy


CaseIssue
Anthem Patient Data BreachFailure to safeguard private medical data
Facebook MessagesImproper Scanning of private messages
Google Street ViewInterception of private communications
Plaid Financial Privacy ViolationsFailure to safeguard banking data
Quest DiagnosticsFailure to safeguard private medical and financial data
TurboTaxIdentity theft and tax fraud
Turn Web Tracking SoftwareSmartphone "zombie" cookies
VTech Child Data BreachFailure to safeguard child data


CaseAllegation
23andMePrivacy violations
Experian Data BreachFailure to adequately safeguard personal/financial data
Marriott/Starwood HotelsData breach
Weather Channel AppImproper tracking


CaseResult
Carrier IQ Privacy$9 million settlement (2016)
Sony Data Breach$8 million settlement
LinkedIn "Add Connections"$13 million settlement (2016)
AT&T and NSA SurveillanceAT&T Granted Immunity by Congress; lawsuit halted (2008)