iDevice privacy class action
March 27, 2018 – Federal district court judge Jon S. Tigar today granted final approval of the class action settlement reached in the firm’s breach of privacy case against a range of mobile application developers (including Twitter, Instagram and Yelp!) and Apple, Inc. Following hotly-contested litigation, including a successful class certification effort led by firm partner David Given, Judge Tigar preliminarily approved the $5.3 million settlement in July 2017. Today’s order marks the beginning of the end of the case, which began in March 2012 after reporting in the New York Times about private contact data being removed from iDevices without users’ knowledge or consent. Approximately 60,000 class members who made claims will share in the common fund. “As Judge Tigar’s order recognizes, this is an excellent result for the class,” Mr. Given said. “Moreover, the case produced four published decisions,” Mr. Given continued, “clarifying consumers’ rights to control their personal data and establishing a basis to pursue legal claims classwide when technology companies take or misuse that data.” A final judgment in the case is expected soon.
December 14, 2017 – Federal district court judge Jon S. Tigar indicated from the bench today that he will grant final approval to the $5.3 million settlement made on behalf of 13 named plaintiffs in their long-running breach of privacy case against eight mobile application developers and Apple, Inc. The settling app developers – Foodspotting, Foursquare, Gowalla, Instagram, Kik, Path, Twitter, and Yelp – have already deposited $5.3 million earmarked, net of costs and fees, to pay the approximately 60,000 class members making claims. Partner David Given, who led the firm’s effort on behalf of the class, cited plaintiffs’ success in this complex and evolving area of the law in support of the settlement. "The case resulted in four reported decisions,” Mr. Given said, “clarifying consumers’ rights and establishing a basis for class certification of personal device users for data privacy breaches by app developers and device manufacturers.” An order and final judgment (there were no objectors to the settlement) is expected soon.
July 6, 2017 – Federal district court judge Jon S. Tigar today granted the firm’s motion for preliminary approval of a proposed class action settlement made on behalf of several named plaintiffs in their long-running breach of privacy case against eight mobile application developers and Apple, Inc. Led by firm partner David Given, the settlement agreement is the product of several years of extensive discovery and vigorous negotiations. The settling app developers – Foodspotting, Foursquare, Gowalla, Instagram, Kik, Path, Twitter, and Yelp – will pay $5.3 million to establish a non-reversionary common fund for class members, who consist of anyone in the U.S. who activated the applicable versions of the apps on their Apple devices during the relevant time period. Plaintiffs’ case against Apple for misrepresentation and false advertising in connection with its security and privacy promises relating to iDevices remains ongoing; Judge Tigar heard and took under submission a motion for certification of that class, and an order is expected soon. A hearing for final approval of the app developer settlement is set for December 14, 2017 at 2:00 p.m. For more information about the settlement and the claims process, click here.
May 5, 2017 – Plaintiffs filed papers today replying to App Store proprietor Apple, urging that their claims of false advertising be certified for class treatment on behalf of several million consumers nationwide who bought various versions of the iPhone and iPad whose operating systems allowed the surreptitious upload of address book data from those users’ iDevices. Plaintiffs contend that Apple’s insistent messaging of concern for users’ “privacy” and “security” in their personal contact data was false, that its products were tainted, and that consumers were misled and as a result overpaid for those devices. Federal district court judge Jon S. Tigar has set a May 31st hearing on the matter.
March 8, 2017 – Federal district court judge Jon S. Tigar today ordered Apple, Inc., to respond to the motion against it, first made in August of last year, seeking to certify a class of iDevice users who overpaid for Apple products as a result of Apple’s allegedly false and deceptive assurances to consumers of security and privacy in the personal data they stored on those devices. The case against Apple arose in the context of widespread data harvesting from iDevices by several technology companies developing apps for Apple devices like the iPhone and iPad. (The parties in that case recently announced a settlement of those claims. A motion to approve that settlement and to begin the process of notice to the class is expected shortly.) Tens of millions of Apple consumers are potentially covered by the proposed class. Judge Tigar has set a hearing on the matter for May 31st at 9:30 a.m. The firm serves as co-lead counsel in the case. For more information about the case, click here.
October 20, 2016 – The Ninth Circuit Court of Appeals denied today Apple’s bid for review of an order granting class certification in the firm's long-running data privacy case against it over the alleged surreptitious harvesting of iDevice users' address book data. The firm opposed Apple's petition to the Ninth Circuit, arguing that the trial court's decision to certify a nationwide class of almost half a million iDevice users who downloaded the Path app (triggering the automatic upload of vast quantities of private address book data to Path's servers) was legally sound. The Circuit Court's decision is a triumph for the firm, clearing the way for the case to proceed to trial against Path and Apple. The firm has pending a similar class certification motion against five other app developers, including Instagram, Twitter and Yelp, for classes ranging from 800,000 to potentially 8.5 million iDevice users. Further developments in the case are expected shortly.
September 9, 2016 – Federal district court judge Jon S. Tigar issued a 21-page order today denying Yelp’s motion for summary judgment in the firm’s wide-ranging class action challenging the conduct by Yelp, Apple and various developers of applications for Apple devices over the surreptitious and improper upload of address book data from consumers’ iDevices. Judge Tigar rejected Yelp’s argument that class members gave consent to their address book data being accessed and uploaded as a matter of law, agreeing with the firm that there was a material factual dispute as to whether Yelp got effective consent to upload users’ address book data to its servers. Judge Tigar also agreed that the evidence the firm adduced in opposition to Yelp’s motion presented a triable issue of fact both as to whether users of Yelp’s “Find Friends” function had an objectively reasonable expectation that their address book data would remain on their phone and whether Yelp’s unauthorized uploading of contacts was highly offensive to a reasonable person. Judge Tigar’s decision sets the stage for a trial on the merits of these and other similar class claims against Apple and the rest of the app developer defendants. The court has set a further case management conference in the matter for Sept. 22nd. Plaintiffs’ omnibus motion for class certification against Apple and five of the remaining app developer defendants is pending; the court previously certified one such class against Apple and app developer Path in July.
August 23, 2016 – Following the decision last month of Federal District Court Judge Jon S. Tigar certifying a class of approximately 480,000 users of the Path mobile app, the firm moved today in its capacity as interim co-lead counsel to certify similar classes of iDevice owners of certain other mobile apps downloaded from the Apple App Store before Feb. 2012. These apps include versions offered by Foursquare, Instagram, Kik, Twitter and Yelp that plaintiffs contend surreptitiously uploaded private address book data from their iDevices. The iDevice owners impacted by this practice could exceed 10 million in number. At the same time, the firm moved against Apple to certify a class of iDevice owners plaintiffs say were deceived in their purchases of Apple products by promises of privacy and security when, in fact, those products suffered from known vulnerabilities exposing private address book data to invasion and theft. The court has set both motions for a November 15th hearing.
July 15, 2016 – Federal District Court Judge Jon S. Tigar issued a 28-page order today certifying a class consisting of approximately 480,000 users of the Path mobile app who had their address book data uploaded from their iDevices between Nov. 2011 and Feb. 2012 without their knowledge or consent. Plaintiffs Lauren Carter, Stephanie Cooley and Jason Green will serve as class representatives for claims of invasion of privacy against Path and of aiding and abetting that privacy invasion against Apple arising from the surreptitious taking of their and other class members' personal address book data. Judge Tigar accepted the firm's arguments that class members had enough in common that their claims for nominal and punitive damages should be permitted to proceed on a class-wide basis. Judge Tigar's order appointed the firm class counsel and set an Aug. 16th hearing to determine a schedule for the remainder of the case through trial.
May 5, 2016 – Plaintiffs filed papers today replying to app developer Path and app distributor Apple, urging that their claims of breach of privacy against Path and Apple be certified for class treatment on behalf of approximately 480,000 iDevice users who downloaded or installed versions of the Path app that surreptitiously uploaded address book data from those users’ iDevices. Installation of that app on those users’ iDevices resulted in the uploading of over 662 million pieces of information which Path held on a database and, the lawsuit contends, intended to use for data-mining, among other things. The court has set a June 14th hearing to consider the class certification of plaintiffs’ claims.
March 4, 2016 – In a brief two-page order issued today, Federal District Court Judge Jon S. Tigar sided with the firm’s clients and rejected Apple’s efforts to invade Plaintiffs’ iDevice data in a far-reaching class action against it involving the alleged surreptitious uploading of address book data by several highly-popular mobile apps available on the Apple App Store. Apple had sought production of the contacts data from Plaintiffs’ iDevices as well as certain other data files, telling Judge Tigar in its supporting legal memorandum that nothing showed this data “to be highly sensitive, or indeed, private at all” and that there is “no colorable argument for why such data could be considered private.” This filing comes as Apple is engaged in what the U.S. Department of Justice has termed a massive public relations campaign to burnish its privacy “brand” to defeat the federal government’s own effort to crack the iPhone belonging to one of the terrorists responsible for killing 12 people in San Bernardino late last Fall. In the last several weeks, in two different federal courts, in a multitude of statements and press releases and in sworn testimony before the U.S. Congress, Apple has professed its dedication to user privacy and the treatment of the data it seeks here as personal and private – a message leading one federal judge to accept the proposition that he should “take into account the extent to which the compromise of privacy and data security that Apple promises its customers affects not only its financial bottom line, but also its decisions about the kind of corporation it aspires to be.” Apple’s appeal to Judge Tigar comes on the heels of a coordinated investigation by Apple and its lawyers into Plaintiffs’ personal and social media life, following the first class certification motion in the matter, and leading to several exceedingly awkward moments in deposition.
February 11, 2016 – Sealed materials Apple and Path sought to keep secret are set to be released to the public per a court order entered today by Federal District Court Judge Jon S. Tigar. In a short five-page decision, Judge Tigar found that neither party made the showing necessary to keep certain internal documents – including communications among Apple personnel about the functionality of apps sold on the iTunes App Store – out of the public record in the ongoing case against these two companies and other app developers over their policies and practices in the uploading and harvesting of address book data from users' iDevices. Judge Tigar also declined to redact portions of plaintiffs' memorandum in support of their class certification motion against Apple and Path. Firm partner David Given argued that the effort by Apple and Path to foist these redactions on that document was a naked attempt to sanitize the public record, and opposed it in related papers filed with the court.
January 6, 2016 – Following a lengthy case management conference, Federal District Court Judge Jon S. Tigar agreed with the firm and issued an order today resetting the class certification motion against defendants Apple, Inc. and Path, Inc., in a wide-ranging breach of privacy case against these two companies and 10 other software developers over the alleged surreptitious upload of address book data from users’ iDevices. Judge Tigar will now hear that motion in early April. Defendants sought to delay that hearing on various procedural grounds. Partner David Given made the case that time was of the essence for the over 480,000 iDevice users who downloaded the Path app and had their address book data taken without permission. Until recently, the lawsuit was mired in a series of motions by defendants delaying class proceedings in the case by over three years. If Judge Tigar’s comments were any indication, the case may now proceed in an expedited fashion with additional class certification motions against other app developers expected later this year.
November 12, 2015 – Plaintiffs Jason Green, Stephanie Cooley and Lauren Carter today moved on their own and on behalf of a group of iDevice users for certification of a class of approximately 480,000 users on their claim against app developer Path for invasion of privacy and against Apple for aiding and abetting same. Plaintiffs’ claims arise from technology built into several versions of the iOS mobile Path app which, upon activation, uploaded users’ address book data without notice. Today’s motion follows a Oct. 8th court order directing Path to produce both its CEO, Dave Morin, and its CTO, Nathan Folkman, for a sworn deposition. Those depositions are pending. The court has set the hearing on plaintiffs’ class certification motion for Dec. 17th.
March 23, 2015 – Federal District Court Judge Jon S. Tigar today issued a 34-page decision upholding claims against Apple and a dozen of the country’s largest application developers for violations of law in connection with the practice of uploading address book data from users’ iDevices without the users’ authorization or consent. Today’s order is the third in which Judge Tigar has upheld plaintiffs’ class claims in the case (in which the court appointed the firm lead counsel in Oct. 2013) against defendants’ almost three-year long legal assault. In today’s order, the court found that plaintiffs adequately stated an “extensive” and, allegedly, false and misleading advertising campaign aimed at convincing the public that Apple’s personal computer devices were (and are) “secure and include comprehensive consumer-privacy protections.” The court also sustained, as it did before, plaintiffs’ invasion of privacy claims against both the app developers and Apple despite several lines of legal attack, including that the federal Copyright Act preempted those claims in their entirety. Defendants now have 14 days to answer plaintiffs’ consolidated complaint, after which the case will proceed to the pre-trial discovery stage.
June 27, 2014 – The firm today filed an amended complaint on behalf of plaintiffs in the class action case against Apple and a dozen of the App Store’s largest app developers (including, among others, Electronic Arts and Twitter) asserting breaches of privacy relating to the unauthorized uploading of address book data from consumers’ iDevices. The amended complaint comes in response to the 55-page decision of Federal District Court Judge Jon S. Tigar on defendants’ various motions to dismiss plaintiffs’ claims in their entirety. Issued in May, that decision granted in part and denied in part those motions. The amended complaint serves to address concerns raised in Judge Tigar’s decision with plaintiffs’ prior pleadings, while keeping intact claims the court said could proceed, some subject to additional factual detail. Judge Tigar appointed the firm interim co-lead counsel in the case last October.
October 22, 2013 – In an order issued today, Federal District Judge Jon Tigar has appointed PE&G (along with its co-counsel) lead attorneys in a wide-ranging class action involving Apple and many of the tech industry's largest application developers over the wide-spread practice of uploading consumers' address book data from iDevices without consumers' authorization or consent. The practice came to light following reporting in the New York Times and other major news publications in February of last year, and led to one app developer's civil prosecution by the Federal Trade Commission. The case has survived multiple attacks by Apple and the other defendants; those defendants' third round of motions to dismiss the class plaintiffs' consolidated amended complaint are set to be heard by Judge Tigar in January.
August 5, 2013 – Federal District Judge Jon Tigar has ruled against Apple Inc. in a case over the uploading of private address book data from iDevice users’ phones and tablets without their knowledge or consent. In his 17-page order issued today, Judge Tigar sustained everyone but one of the claims made against Apple from legal attack, allowing the case to proceed to the discovery stage, where information will be sought about Apple’s policies and practices. In earlier related proceedings, Judge Tigar allowed a consolidated amended complaint to be filed in four cases brought over the same issues and asserting substantially the same claims against Apple and 14 of the largest application developers, including Facebook, Path and Foursquare. PE&G is helping to lead the plaintiffs’ effort against Apple and these app developers in the case. Judge Tigar has ordered the consolidated amended complaint to be filed on or before Sept. 3rd.
March 22, 2013 – PE&G attorneys David Given and Nick Carlin have joined a team of lawyers who have brought a class case against Apple and certain developers of consumer applications made available on the App Store over users' privacy rights in their digital data. The core allegation of the complaint is that the apps in question pirated private user information, including address book data, from the user's iDevice by surreptitiously uploading that information without notice to the user and without the user's consent. The federal government recently prosecuted its own case against one such developer, Path, also named in the class action, over the same conduct. That case resulted in a consent order which included a permanent injunction together with civil penalties of $800,000. The class case was recently transferred to the San Francisco federal court, where one judge in another similar case has already sustained most of the claims against Path. The case is set for its first hearing before Federal District Judge Jon Tigar on April 4th.
Plaintiffs, led by PEG&C and lawyers with Kerr & Wagstaffe LLP, are prosecuting a class action lawsuit against Apple and a host of mobile application developers (including Path, Foursquare, Twitter, Yelp, Instagram and others) for those companies' piracy of private consumer data, including address book data.
The complaint, which follows national reporting of the companies' practice from February of 2012, alleges that these developers surreptitiously uploaded users' contact book information without notice to and consent from users, and that Apple knowingly facilitated these invasions of privacy by selling or otherwise distributing the offending applications through its App Store.