Class Actions

Hotel Investment and Management Firm Aimbridge Hospitality LLC Removes Putative Class Action to Federal Court

• Hospitality company Aimbridge Hospitality LLC (Aimbridge) removed a putative class action lawsuit by a former laundry attendant that alleged that her personal information was exposed in a March 2018 data breach. The complaint alleged that the putative class members suffered damages related to costs they were required to pay for credit monitoring services resulting from the alleged breach.

• In its filing, Aimbridge claims that the suit is subject to removal under the Class Action Fairness Act because members of the proposed class are diverse from Aimbridge, there are more than 100 possible class members and damages could total more than $5 million.

Uber Users’ Claims Sent to Arbitration

  • A California federal judge ruled that a proposed breach-of-contract action filed by a class of Uber users must be sent to arbitration.
  • S. District Judge Philip S. Gutierrez found that Uber’s terms and conditions contained an obvious arbitration provision requiring users to resolve disputes with the company on an individual basis through final and binding arbitration unless they opted out.
  • The judge also determined that whether the 2016 data breach that is the subject of the lawsuit was within the scope of the arbitration agreement is “precisely the threshold question that is delegated to the arbitrator.”

Yahoo Inc. Opposes Class Certification

  • Yahoo Inc. is opposing class certification in a California multi-district litigation related to three data breaches that allegedly affected billions of Yahoo email accounts.
  • The online behemoth argued that determinations of whether users were actually harmed by the alleged data breaches would require individual inquiries. The company cited a handful of claims that it alleges are “examples of the millions of unavoidable individual, testimony-intensive inquiries necessary to (1) isolate who was actually harmed by conduct attributable to Yahoo … and (2) preserve Yahoo’s constitutional right to present its causation and harm evidence to the jury.”

Data Breaches

British Airways Hit With Breach That Exposed Data on 380,000 Customers

  • According to an online statement, British Airways is investigating what it calls a theft of customer data that occurred between Aug. 21 and Sept. 5, 2018.
  • The airline disclosed that “[t]he stolen data included personal and financial details of customers making bookings and changes on ba.com and the airline’s app” but did not include travel or passport information.
  • It also assured customers that no customer will be responsible for any out-of-pocket costs related to the incident, and it advised any customers who believe themselves to be affected to contact their banks and credit card providers.

State AGs

AGs at Loggerheads Over Google Settlement and Cy Pres Distributions

  • Separate coalitions of state attorneys general each have filed amicus briefs in the U.S. Supreme Court regarding the propriety of Google’s $8.5 million privacy settlement related to allegations that the company unlawfully shared users’ search histories.
  • At issue is the use of a cy pres distribution, through which the settlement funds, less attorneys’ fees, would be awarded to six internet nonprofits that are not directly involved in the litigation.
  • In the most recent salvo, AGs from Oregon, California, Connecticut, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, New York, North Carolina, Vermont and Washington supported the settlement, arguing that cy pres distributions are useful to protect class members when a direct disbursement is not feasible.

Previously, a group of AGs led by Arizona AG Mark Brnovich had argued that “[c]y pres-only settlement arrangements embody the worst flaws of the class action settlement system and are notable in their disservice to consumers,” allowing defendants and class counsel to “secure their own goals from the litigation while bypassing the class.”