westlaw journal computer & internet - barton llp · 2019-11-26 · european court of justice...

WHAT’S INSIDE

Litigation News and Analysis • Legislation • Regulation • Expert Commentary

COMPUTER & INTERNETWestlaw Journal

41737778

VOLUME 33, ISSUE 11 / NOVEMBER 6, 2015

meant they did not lose protection of the National Labor Relations Act, 29 U.S.C. § 158(a)(1), the 2nd Circuit opinion said.

Employees may lose the federal labor law’s protections if their activity is considered disloyal or if it reflects poorly on the employer’s brand, the opinion said.

That was not the case here, the panel said.

COPYRIGHT INFRINGEMENT

6 Google Books does not infringe authors’ copyrights, appeals court rules

Authors Guild v. Google (2d Cir.)

INTERNET TRACKING

7 Facebook fights off $15 billion tracking lawsuit, for now

In re Facebook Internet Tracking Litig. (N.D. Cal.)

ARBITRATION

8 Amazon.com customers must arbitrate claims over ‘false discounts’

Fagerstrom v. Amazon.com Inc. (S.D. Cal.)

CONSUMER FRAUD

9 $60 million settlement in Symantec ‘download insurance’ fraud case preliminarily approved

Khoday v. Symantec Corp. (D. Minn.)

TRADEMARK

10 ‘IntelliJet’ trademark grounded in suit against plane company

NetJets Inc. v. IntelliJet Grp. (S.D. Ohio)

ONLINE AUCTIONS

11 State auctioneer-licensing board trying to derail online business, attorney says

Bauer v. Pa. State Bd. of Auctioneer Exam’rs (W.D. Pa.)

ALISON FRANKEL’S ON THE CASE

17 In SCOTUS petition, Apple claims 2nd Circuit used wrong antitrust standard

SEE PAGE 3

CONTINUED ON PAGE 19

COMMENTARY

European Court of Justice rules U.S.–EU ‘safe harbor program’ invalidAfter an Oct. 6 decision, member states in the European Union may now decide for themselves whether a data transfer program with the United States — the so-called safe-harbor program — offers an adequate level of privacy protection for their citizens. Kenneth N. Rashbaum, a privacy and cybersecurity partner at Barton LLP, discusses what this means for U.S. companies currently transferring data abroad.

EMPLOYMENT

Tavern can’t fire workers over Facebook ‘likes,’ appeals court affirmsBy Melissa J. Sachs, Senior Legal Writer, Westlaw Journals

A Connecticut sports bar violated a federal labor law when it fired two employees for “liking” and responding to a former co-worker’s Facebook post about their wages and tax liabilities, a federal appeals court has affirmed.

REUTERS/Rick Wilking

Three D LLC v. National Labor Relations Board, Nos. 14-3284 and 14-3814, 2015 WL 6161477 (2d Cir. Oct. 21, 2015).

The National Labor Relations Board found the employees engaged in protected activity when they discussed their employer’s tax withholding on Facebook, and the 2nd U.S. Circuit Court of Appeals agreed.

Additionally, the employees did not disparage the bar or even mention its name in their Facebook posts, which

© 2015 Thomson Reuters2 | WESTLAW JOURNAL n COMPUTER & INTERNET

Westlaw Journal Computer & InternetPublished since November 1983

Publisher: Mary Ellen Fox

Managing Editor: Robert W. McSherry

Editor: Melissa Sachs, Esq. [email protected]

Managing Desk Editor: Robert W. McSherry

Senior Desk Editor: Jennifer McCreary

Desk Editor: Sydney Pendleton

Graphic Designers: Nancy A. Dubin Ramona Hunter

Thomson Reuters175 Strafford Avenue, Suite 140Wayne, PA 19087877-595-0449Fax: 800-220-1640www.westlaw.comCustomer service: 800-328-4880

For more information, or to subscribe,please call 800-328-9352 or visitwest.thomson.com.

For the latest news from Westlaw Journals, visit our blog at http://blog.thomsonreuters.com/westlawjournals.

Reproduction AuthorizationAuthorization to photocopy items for internal or personal use, or the internal or personal use by specific clients, is granted by Thomson Reuters for libraries or other users regis-tered with the Copyright Clearance Center (CCC) for a fee to be paid directly to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923; 978-750-8400; www.copyright.com.

How to Find Documents on WestlawThe Westlaw number of any opinion or trial filing is listed at the bottom of each article available. The numbers are configured like this: 2015 WL 000000. Sign in to Westlaw and on the “Welcome to Westlaw” page, type the Westlaw number into the box at the top left that says “Find this document by citation” and click on “Go.”

TABLE OF CONTENTS

Employment: Three D v. NLRBTavern can’t fire workers over Facebook ‘likes,’ appeals court affirms (2d Cir.) ................................................1

Commentary: By Kenneth N. Rashbaum, Esq., Barton LLPEuropean Court of Justice rules U.S.–EU ‘safe harbor program’ invalid ......................................................... 3

Copyright Infringement: Authors Guild v. GoogleGoogle Books does not infringe authors’ copyrights, appeals court rules (2d Cir.) ........................................6

Internet Tracking: In re Facebook Internet Tracking Litig.Facebook fights off $15 billion tracking lawsuit, for now (N.D. Cal.) ............................................................... 7

Arbitration: Fagerstrom v. Amazon.com Inc.Amazon.com customers must arbitrate claims over ‘false discounts’ (S.D. Cal.) ...........................................8

Consumer Fraud: Khoday v. Symantec Corp.$60 million settlement in Symantec ‘download insurance’ fraud case preliminarily approved (D. Minn.) .............................................................................................................................................................9

Trademark: NetJets Inc. v. IntelliJet Grp.‘IntelliJet’ trademark grounded in suit against plane company (S.D. Ohio).................................................. 10

Online Auctions: Bauer v. Pa. State Bd. of Auctioneer Exam’rsState auctioneer-licensing board trying to derail online business, attorney says (W.D. Pa.) .........................11

Data Breach: In re Target Corp. Customer Data Sec. Breach Litig.Target customers urge court to OK $10 million settlement of data breach suit (D. Minn.) ...........................12

CybersecurityBoards increase focus on cybersecurity measures, survey says ......................................................................13

Mergers & Acquisitions: Inala v. Yodlee Inc.Investor sues to stop software seller Yodlee’s $660 million buyout (Del. Ch.) ..............................................14

Mergers & Acquisitions: Barrett v. TucciDell’s $67 billion EMC buy is unfair, shareholder says (Mass. Super. Ct.) .......................................................15

Securities Fraud: Hong v. Extreme NetworksTech firm duped investors with rosy projections, suit says (N.D. Cal.) ............................................................16

Alison Frankel’s On the CaseIn SCOTUS petition, Apple claims 2nd Circuit used wrong antitrust standard ............................................. 17

News in Brief .....................................................................................................................................................18

Case and Document Index ...............................................................................................................................21

NOVEMBER 6, 2015 n VOLUME 33 n ISSUE 11 | 3© 2015 Thomson Reuters

COMMENTARY

European Court of Justice rules U.S.–EU ‘safe harbor program’ invalidBy Kenneth N. Rashbaum, Esq. Barton LLP

Kenneth N. Rashbaum is a partner at Barton LLP in New York, where he heads the privacy and cybersecurity practice. He counsels clients on federal and state laws, industry regulations and international standards for information governance, and he represents multinational organizations and health care providers in government proceedings and litigation regarding privacy and security. He is also an adjunct professor at the Fordham University School of Law. He can be reached at [email protected]. A version of this article appeared in Barton LLP’s Oct. 9 client alert.

The Court of Justice of the European Union ruled Oct. 6 that the U.S.–EU “safe harbor program,” under which multinational organizations transferred digital information from the European Union to the United States, is invalid. Previously, organizations that had registered with the program, administered by the U.S. Department of Commerce, self-certified that they would safeguard personal data they transferred from the EU to the United States in accordance with certain data protection principles (described below). Data trans-ferred under these circumstances met the European Commission’s standard for adequate protection of EU citizens’ personal data.1

You may have read articles or blog posts about this decision that imply that all data already in the United States under the safe-harbor program are at immediate risk, or that all transfers of personal information from EU countries will immediately grind to a halt. Neither is the case at the moment, but planning for alternative means for transferring data should begin now.

The decision, distilled to its essence, holds that individual EU countries are now free to decide whether to suspend transfers of

personal data under the auspices of the safe-harbor program.

The court ruled that European Commission decision 2000/520/EC authorizing transfers under the safe-harbor program2 is invalid because it deprived member states of the right to pursue their own determinations of whether the program provides an adequate level of protection in the face of changed circumstances following the disclosures of Edward Snowden regarding National Security Agency’s “mass and undifferentiated accessing of personal data” in the United States.3

The case was brought by Max Schrems, an Austrian student and Facebook user.

• Notice: Information provided toindividuals about the purposes for which it collects and uses information about them, the types of third parties to whom the organization provides that information and what choices and methods are offered to individuals to limit information uses and disclosures.

• Choice: The opportunity for theindividual to opt out where their personal information is to be disclosed to a third party or used in a manner incompatible for the purpose for which it was collected.

• Onward transfer: A restriction ontransfer of an individual’s information to a third party without consent, or unless that organization subscribed to the “Safe Harbor Principles.”

• Security: Reasonable precautions toprotect information from loss, misuse or unauthorized disclosure.

• Data integrity: A restriction onprocessing data in a manner inconsistent with the rationale for its collection, and reasonable steps to insure that the data is accurate, complete and current.

• Access:anindividualmusthaveaccessto the information about themselves held by the organization, and be provided with the opportunity to correct, amend or have it deleted, subject to certain limitations.

• Enforcement: Provision of accessto mechanisms for recourse for aggrieved individuals. This takes the form of a requirement that registered organizations designate a private dispute resolution forum (there is, at present, no redress in U.S. courts for EU citizens aggrieved by unauthorized disclosures that take place in the United States).4

Schrems filed a complaint with the Data Protection Authority in Ireland, alleging that his Facebook data was not adequately

Previously, organizations self-certified that they would safeguard personal data they transferred from the EU to the United States in accordance

with certain data protection principles.

When Schrems opened his Facebook account, he agreed that Facebook Ireland would host his data which, would be sent to Facebook U.S. for processing, as is the case with all EU Facebook users. The data had been sent to the U.S. under the auspices of the safe-harbor program.

In 2000, the European Commission authorized personal data transfers to the United States under this program, which comprises seven principles of data protection consistent with EU law:

4 | WESTLAW JOURNAL n COMPUTER & INTERNET © 2015 Thomson Reuters

protected due to NSA access to all data within the United States, as revealed by Snowden.

One of the more salient aspects of the European Commission 2000 decision, 2000/520 EC, is that it was binding on all EU member states; that is, no member state could challenge the finding that transfers to the United States under the safe-harbor program offered an adequate level of privacy protection — until now.

The European high court reasoned that it had the authority to revisit the 2000 decision on safe harbor because the “level of protection by a third country is liable to change … so it is incumbent on the commission to check periodically whether the finding relating to the adequacy of the level of protection ensured by the third country in question is still factually and legally justified. Such a check is required, in any event, when evidence gives rise to a doubt in that regard.”5

known as ILITA, also announced that “it is no longer permissible to rely on the safe harbor as a basis for transfers of personal data from Israel to the [United States].”7

Other DPAs may make their decisions based on EU standards or their own culture and privacy laws, but there is no way to know the criteria for such decisions at this time. It is not at all clear, though, that other DPAs will follow suit.

Yet, on the same day, the Article 29 Working Party on Data Protection issued a statement in which it stated that “transfers that are still taking place under the safe-harbor decision after the CJEU decision are unlawful,” but also implied a grace period until the end of January. After that time, “EU data protection authorities are committed to take all necessary and appropriate action, which may include coordinated enforcement actions,”

the statement said.8

Deputy Commissioner David Smith from the Information Commissioner’s Office in the United Kingdom offered similar comments in response to the Schrems decision.

“The judgment means that businesses that use safe harbor will need to review how they

ensure that data transferred to the U.S. is transferred in line with the law,” he said, adding that his office recognizes it will take some time for them to do this.9

CONSIDER THE OPTIONS

The European Court of Justice’s decision leaves the question of suspension of transfers to individual, state DPAs. The court remanded the case to the High Court of Ireland, which had certified the question of local DPA jurisdiction. Now, the High Court of Ireland will conduct its own protection adequacy investigation and make its own findings.

As stated above, individual DPAs may not act for some time, but some may act within weeks, some longer and others may not act at all. Further, the decision is phrased prospectively, in that it does not speak to data that is already in the United States pursuant to safe harbor. There is no mandate to do anything with data already here under the program.

It is nonetheless strongly advisable to begin consideration of options and alternatives.

First consider the EU countries from which the organization would obtain personal data and evaluate how quickly their DPAs are likely to move on this.

While some DPAs may not have the resources to consider the question of suspension right away, others may jump on this quickly, as Germany has. The suspension of data flows from Europe for such organizations could have serious business consequences.

If the local DPA suspends safe-harbor transfers, another instrument for data transfer will be required quickly so your data transfers may continue.

Personal data may be transferred to the United States with a data transfer agreement using model contract clauses. These clauses have been approved by all member states, and do not require approval by DPAs (though a data transfer agreement itself must be submitted to the relevant DPA).

Another approved method for data transfer is a set of binding corporate rules, a “code of conduct” that defines global policy with

Individual EU countries are now free to decide whether to suspend transfers of personal data

under the auspices of the safe-harbor program.

7 data protection principles in the EU

Notice: Information to individuals about why and how an organization collects and uses data

Choice: Opportunity to opt out of future disclosures to third parties in some instances

Onward transfer: Restriction on transferring without consent

Security: Organizations take reasonable precautions to protect data

Data integrity: Restrictions on data processing to ensure its accuracy

Access: Individuals must be able to access their data and correct or amend it

Enforcement: Mechanism for recourse

Accordingly, the court ruled the 2000 decision formerly binding on all EU member states is invalid so that data protection authorities, or DPAs, of individual countries may now make their own determinations of whether data transfers pursuant to safe harbor offer an adequate level of data protection. If the relevant DPA finds that the program no longer offers an adequate level of protection, it may order transfers of personal data under the program suspended.

On Oct. 16 the German DPA did just that. It suspended all transfers from Germany to the United States pursuant to the safe-harbor program.6 And the fallout may not be limited to the EU.

Israel has also suspended transfers pur-suant to the program. Israel, a country the EU has deemed to have data protection commensurate with its own, had previously approved data transfers to companies registered with the program. Many American technology companies, such as Google, Intel, Microsoft and HP, have a significant presence in Israel. On Oct. 19, the Israeli Law, Information and Technology Authority, the country’s data protection authority,

The fallout may not be limited to the EU.


regard to internal transfers between entities of multinational organizations. Binding corporate rules can function as a global data protection code of conduct, but in the European Union they require approval by the pertinent DPA.10

There are advantages and disadvantages to each of these solutions, but if the local DPA in the country from which your organization would be receiving data suspends transfers that had been made under the safe-harbor program, adoption of one of these methods will be required within a very short period of time.

But there is another consideration, with a potentially sunnier side: does the organization fit within recognized exceptions “derogations” to the transfer of personal data? Article 26 of the Directive comprises a number of derogations that may apply and, if they do, no instrument may be required for data transfers. These include:

• Consentofthedatasubject(whichmustbe informed and freely given).

• Datatransferred“fortheestablishment,exercise or defense of legal claims.”

• The transfer is necessary for theconclusion or performance of a contract concluded in the interest of the data subject between the controller and a third party.11

Consent, it has been said, cures a variety of sins if it is provided voluntarily and is “unambiguous.”12 Many multinational organizations have employees sign agreements that state the employee consents to his or her email and other information to be transferred beyond the European Economic Area (comprising the EU member states, Norway, Iceland and Liechtenstein). In those countries where consent obtained by an employer is not considered involuntarily given, this could suffice.

More and more organizations may try, in the wake of the Schrems decision, to go the consent route by use of “click boxes” for online agreements, which can produce its own set of concerns for overuse of the consent derogation.13

The derogation for transfers in connection with defense or establishment of a legal claim may be of considerable use for digital consultants such as e-discovery vendors.

The Article 29 Working Party on Data Protection, in 2009, issued Working Document WP158 that stated that transfers to common-law countries outside the European Union may take place for purposes of litigation if the personal data set were reduced by culling and filtering for sensitive and irrelevant data, so as to mitigate, to a degree, the potential privacy intrusion on the EU data subject.14

Indeed, one can make a compelling argument that the safe-harbor program was never an appropriate transfer method for these organizations, since litigation data collection is performed with the purpose of ultimate disclosure to a court and/or adversary, and a core safe-harbor principle was that data transferred pursuant to program would not be subject to onward transfer, including production of these data to courts or adversary counsel.

A third useful derogation is a contract that requires data transfer for the performance of a contract, which is in the data subject’s interest. Transfers of health data between a treating hospital in, say, France and a consulting physician in the United States or, arguably, certain transfers of financial information of the data subject from her bank in Belgium to her investment advisor in New York, may fit within this derogation.

CONCLUSION

Perhaps the best practical counsel one can provide is breathe, keep calm and consider all the alternatives. Safe harbor still exists in the United States, and as of this writing no data protection authority has ordered transfers under safe harbor suspended.

But that day is likely coming soon, so planning should rise to the top of a multinational organization’s “urgent” pile.

Analysis should begin with the question of whether the organizations’ transfers qualify for derogation under Article 26, in which

case it is possible that no alternative transfer instrument may be needed at all.

If the transfers do not so qualify, the next step in the analysis should include the type of information transferred, the volume of data transfers, and the feasibility of alternative methods of transfer of protected data given the nature of the organization’s business and culture. WJ

NOTES1 U.S.-EU Safe Harbor Overview, U.S. Dep’t of Commerce (last updated Dec. 18, 2013), available at http://1.usa.gov/1GvVxhl.

2 2000 O.J. (L 215) 7, available at http://bit.ly/1RxUqOi.

3 Schrems v. Data Prot. Comm’r, CJEU Case C-362/14 (Oct. 6, 2015), available at http://bit.ly/1XuircM.

4 Safe Harbor Privacy Principles, U.S. Dep’t of Commerce (July 21, 2000), available at http://1.usa.gov/1GvUGgo.

5 Schrems, supra note 3, at *29.

6 Christoph Ritzer, Christoph Zieger, Daniel Ashkar & Marcus Evans, German Data Protection Authorities Suspend BCR Approvals, Question Model Clause Transfers, Data Prot. reP. (Oct. 26, 2015), http://bit.ly/1PSOjpw.

7 Angelique Carson, Safe Harbor Decision Trickles Down: ILITA Revokes Prior Authorization, Privacy aDvisor (Oct. 20, 2015), http://bit.ly/1WgpJUx. See also Francoise Gilbert, Israel Revokes is Acceptance of Safe Harbor (sic.), Francoise Gilbert on Privacy, security anD clouD comPutinG (Oct. 20, 2015), http://bit.ly/1k7O0uq.

8 See Press Release, Article 29 Working Party, Statement on Schrems Judgement (Oct. 16, 2015), http://bit.ly/1jPinpU.

9 See Press Release, Info. Comm’r’s Office, ICO Response to ECJ ruling on personal data to US Safe Harbor (Oct. 6, 2015), http://bit.ly/1GH4ZxU.

10 See Overview on Binding Corporate rules, European Commission, available at http://bit.ly/1kIBUIJ (last visited Oct. 26, 2015).

11 EU Directive 95/46/EC – The Data Protection Directive, Art. 26 (1), Data Prot. Comm’r, http://bit.ly/1LxGkek.

12 Id.

13 See Nicola Regan, How Max Schrems Scored an Own Goal by Toppling Safe Harbor, iaPP Privacy PersPectives (Oct. 7, 2015), http://bit.ly/1Mfbpkf .

14 See Art. 29 Data Protection Working Party, Working Document 1/2009 on Pre-Trial Discovery for Cross-Border Civil Litigation, 00339/09/EN WP 158 (Feb. 11, 2009), available at http://bit.ly/1Wel2VZ.

Binding corporate rules can function as a global data protection code of conduct, but in the European Union they require approval by the pertinent data protection authority.


COPYRIGHT INFRINGEMENT

Google Books does not infringe authors’ copyrights, appeals court rulesBy Deborah Nathan, Esq., Senior Legal Writer

Google’s Library Project, which has digitized millions of copyrighted books and allows Internet researchers to search through “snippets” of text, does not infringe copyrights held by authors in the works, the 2nd U.S. Circuit Court of Appeals has ruled.

REUTERS/Arnd Wiegmann

Authors Guild Inc. et al. v. Google Inc., No. 13-4829, 2015 WL 6079426 (2d Cir. Oct. 16, 2015).

Google’s search function is fair use because it is transformative — meaning that it communicates something new and different from the original — as it makes book information available without providing the public a substantial substitute for the original works, the appeals court said.

“The immediate effect is that Google will be able to continue with its massive project in its current form without fear of copyright liability,” said J. Michael Keyes, an intellectual property partner at Dorsey & Whitney in Seattle, who was not involved with the case.

Keyes said the long-term effects could be significant.

It arose following Google’s establishment of the Library Project in 2004. Google worked with the world’s major research libraries that selected books from their collections, which Google then digitally scanned.

SNIPPETS

Since 2004, Google has scanned and indexed more than 20 million books, according to the opinion.

The District Court held that Google made fair use of the books because its use was transformative. Authors Guild Inc. v. Google Inc., 954 F. Supp. 2d 282 (S.D.N.Y. 2013).

TRANSFORMATIVE PURPOSE

The plaintiffs appealed to the 2nd Circuit, which agreed that Google’s use of the books, particularly through the availability of the snippets, was transformative.

The snippets added important value to the basic transformative search function because they showed researchers “just enough” context surrounding their search terms to help them evaluate whether a particular book is of interest, the appeals court said.

The appeals court acknowledged that one of the factors involved in the fair-use analysis is the amount and substantiality of the portion used of the copyrighted work.

While Google scans each book in its entirety, the appeals court said that courts have rejected any categorical rule that copying an entire work cannot be fair use.

Here, Google makes an unauthorized digital copy of an entire book but it does not release the entire copy to the public, the 2nd Circuit said.

Jason Bloom, head of the copyright practice at Haynes & Boone in Dallas, who was not involved in the litigation, said the decision sets important boundaries on copyright law and acknowledges an often murky dividing line between the fair-use defense and an author’s exclusive rights to make and authorize derivative works.

“The 2nd Circuit reached the right result by finding that the Google Books projects is a transformative fair use,” Bloom said. WJ

Attorneys:Plaintiffs-appellants: Paul M. Smith, Jenner & Block, Washington; Edward H. Rosenthal, Jeremy S. Goldman, Anna Kadyshevich and Andrew D. Jacobs, Frankfurt Kurnit Klein & Selz, New York

Defendant-appellee: Seth P. Waxman, Louis R. Cohen, Daniel P. Kearney Jr. and Weili J. Shaw, Wilmer Cutler Pickering Hale & Dorr, Washington; Daralyn J. Durie and Joseph C. Gratz, Durie Tangri LLP, San Francisco

Related Court Document: Opinion: 2015 WL 6079426

See Document Section B (P. 26) for the opinion.

The snippets added important value to the basic transformative search function because they helped users evaluate whether a

particular book is of interest, the appeals court said.

“It could open the door for other similar types of digitization projects involving copyrighted works so that those works could be catalogued and searched,” he said.

The executive director of the Authors Guild expressed disappointment in the ruling.

“The Authors Guild is disappointed that the court has failed to reverse the District Court’s faulty interpretation of the fair-use doctrine,” Mary Rasenberger, executive director of the Authors Guild in New York, said in a statement.

The decision is the latest chapter in litigation that has lasted more than a decade.

Internet users can enter search terms at the Google Books website and receive a list of all books in the database in which the terms appear, according to the opinion.

In the results, a user also receives “snippets,” which are small segments of text — typically about one-eighth of a book’s page — to help the user determine which books would be most useful for his or her particular purpose, the opinion says.

In 2005 the Authors Guild and several authors sued Google for copyright infringement in the U.S. District Court for the Southern District of New York.


cookies into their Web browsers, according to the order.

The tracking cookies assign a unique identification number to each user and his or her Web browser and device. They are created whenever a user interacts with the social networking site, even if the user merely visits a different webpage with a Facebook “like” button, the order said.

The tracking cookies can identify an individual with enough specificity for Facebook to

INTERNET TRACKING

Facebook fights off $15 billion tracking lawsuit, for nowBy Melissa J. Sachs, Esq., Senior Legal Writer, Westlaw Journals

Facebook users who claim the social networking site tracks their activity on other websites have until Nov. 30 to amend their $15 billion lawsuit for various state and federal privacy law violations.

The lawsuit failed to connect Facebook’s alleged wrongdoing with any lost opportunities the plaintiffs

may have had to sell their personal information, U.S. District Judge Edward J. Davila said.

In re Facebook Internet Tracking Litigation, No. 5:12-md-02314, 2015 WL 6438744 (N.D. Cal., San Jose Div. Oct. 23, 2015).

U.S. District Judge Edward J. Davila of the Northern District of California dismissed the proposed class allegations Oct. 23, finding the plaintiffs lacked constitutional standing and failed to state actionable claims in their consolidated complaint.

For the state common law claims, such as invasion of privacy or trespass, the plaintiffs never alleged specific economic injuries, Judge Davila said in the order.

Article III of the U.S. Constitution requires plaintiffs to show concrete or imminent injuries, such as economic losses, to prove they have standing to sue in federal court.

Here, the plaintiffs failed to connect Facebook’s alleged wrongdoing with any lost opportunities they may have had to sell their personal information, and they never showed how Facebook’s actions hurt the value of their data, the order said.

The complaint also failed to allege actual statutory violations under the Wiretap Act, 18 U.S.C. § 2510; the Stored Communications Act, 18 U.S.C. § 2701; and California’s Invasion of Privacy Act, Cal. Penal Code § 630, Judge Davila said.

The Wiretap Act, for example, required the plaintiffs to show Facebook intercepted information that qualifies as content, the judge said.

In their consolidated complaint, the plaintiffs alleged Facebook tracked users’ Internet activities with unique identifiers that it embedded on their Web browsers.

A federal appeals court has already ruled that a similar Web identifier did not qualify as “content” under the Wiretap Act, Judge

Davila said, citing In re Zynga Privacy Litigation, 750 F.3d 1098 (9th Cir. 2014).

Additionally, the plaintiffs have not plausibly alleged Facebook violated the Stored Communications Act, Judge Davila said.

That statute protects data in temporary electronic storage, but the plaintiffs alleged Facebook continuously accessed their data through files, called cookies, which the company embedded on their devices, according to the order.

Cookies are temporary text files stored on a user’s computer that may identify the individual to a certain website or server.

Likewise, the plaintiffs did not sufficiently explain how Facebook violated California’s criminal privacy statute when it placed cookies on a user’s computer, the judge said.

Namely, he wanted to know how the company used this small text file to unlawfully obtain the specific contents of the plaintiffs’ messages or communications, according to the order.

He gave the plaintiffs until the end of November to amend their lawsuit.

TRACKING COOKIES

According to the order, the proposed class includes individuals with active Facebook accounts from May 27, 2010, through Sept. 26, 2011.

The consolidated complaint alleged Facebook tracked users’ activities even after they signed out of the site by embedding

know who the person is, according to the consolidated complaint.

The plaintiffs never gave Facebook permission to use tracking cookies to collect a record of their browsing histories, the lawsuit alleged.

This data, along with the contact and demographic information users provide when signing up for the site, has a cash value of $59.20 per user annually, the consolidated complaint said.

Judge Davila, however, found the plaintiffs still needed to show how Facebook’s alleged wrongdoing caused them actual or imminent economic injuries and explain how Facebook wrongfully accessed information that can be considered content or temporarily stored communications. WJ

Related Court Document: Order: 2015 WL 6438744


ARBITRATION

Amazon.com customers must arbitrate claims over ‘false discounts’ By Melissa J. Sachs, Esq., Senior Legal Writer, Westlaw Journals

Two Amazon.com customers must arbitrate claims that the company’s website misleads consumers by falsely advertising that its products are cheaper than those sold at other retailers, a California federal judge has ruled.

The complaint alleged violations of California’s unfair-competition law, Cal. Bus. & Prof. Code § 17200; false-advertising law, Cal. Bus. & Prof. Code § 17500; and Consumers Legal Remedies Act, Cal. Civ. Code § 1750.

In response to the complaint, Amazon moved to compel arbitration, saying both plaintiffs consented to the website’s conditions of use, which included an arbitration clause, when they placed their orders.

Judge Bashant agreed, saying the site’s terms and conditions were posted so a reasonable customer would know to read them when checking out of the site.

Fagerstrom et al. v. Amazon.com Inc., No. 15–cv–96, 2015 WL 6393948 (S.D. Cal. Oct. 21, 2015).

Andrea Fagerstrom and Allen Wisely had reasonable notice of Amazon.com Inc.’s conditions of use, which required arbitration of disputes concerning the company’s services, according to the order issued by U.S. District Judge Cynthia Bashant of the Southern District of California.

The plaintiffs argued that the agreement was illusory because Amazon could change its terms at any time, but the judge disagreed, finding the agreement incorporated an implied duty of good faith that Amazon must follow. She granted the company’s motion to compel arbitration.

According to the judge’s order, Fagerstrom and Wisely alleged the Amazon site falsely advertises discounts for its products.

The online retailer’s website displays an item’s “list price,” which it refers to as the “normal retail price,” the order noted.

The company crosses out the list price with strike-through font and displays the “Amazon price” in red font, highlighting the “cost savings” when customers shop through the site, the order said.

Fagerstrom said in the complaint that she bought a Vitamix blender on the site, which displayed a $329 list price and a $299 Amazon price, for a purported $30 savings. But other retailers and the manufacturer also sold the same blender for $299, she said.

Amazon’s “discount” therefore was illusory, the complaint said.

In the complaint, Wisely detailed a similar experience when he bought a digital-to-analog audio converter on the website.

“According to plaintiffs, Amazon creates a false impression of considerable cost savings by cherry-picking the highest price it can find for the item and using that price to create a significant price discrepancy between the Amazon price and list price,” Judge Bashant said.

One of the plaintiffs said she bought a Vitamix blender on Amazon.com, which displayed a $329 list price and a $299 Amazon price, for a purported $30 savings. But other retailers and the manufacturer also sold the same blender for $299, she said. A screenshot of a Vitamix blender sold on Amazon is shown here.

“Amazon’s arbitration agreement is not a paragon

of consumer protection,” U.S. District Judge Cynthia

Bashant said. “But it is not unconscionable.”

“The agreement itself is only a half-page long and is written in plain language,” she said.

The judge rejected the plaintiffs’ contention that the agreement was illusory because Amazon could change its terms on a whim, finding it holds both parties to performance obligations.

“Amazon’s arbitration agreement is not a paragon of consumer protection,” Judge Bashant said. “But it is not unconscionable.”

She upheld the agreement and dismissed the complaint without prejudice. WJ

Attorneys:Plaintiffs: Trenton R. Kashima, Finkelstein & Krinsk, San Diego

Defendants: James C. Grant and Rebecca Francis, Davis Wright Tremaine LLP, Seattle; James D. Nguyen, Davis Wright Tremaine, Los Angeles



CONSUMER FRAUD

$60 million settlement in Symantec ‘download insurance’ fraud case preliminarily approvedBy Jason Schossler, Contributor, Westlaw Journals

A Minneapolis federal judge has given preliminary approval to a $60 million settlement of a proposed class-action lawsuit alleging Symantec Corp. misled customers into buying an unnecessary “download insurance” add-on to its Norton Antivirus software package.

Khoday et al. v. Symantec Corp. et al., 0:11-cv-00180, preliminary settlement approval granted (D. Minn. Oct. 8, 2015).

The suit, filed in the U.S. District Court for the District of Minnesota, accused Symantec and online retailer Digital River Inc., which ran Symantec’s e-commerce platform, of violating the state’s Consumer Fraud Act, Minn. Stat. § 325F.67, and other federal and state laws.

U.S. District Judge John R. Tunheim said the settlement appears “sufficiently fair, reasonable and adequate” upon preliminary review.

According to the judge’s order, the proposed settlement class is defined as “all persons in the United States who purchased extended download service for Norton products or Norton download insurance from Jan. 24, 2005, to March 11, 2011.”

Each member of the plaintiffs’ proposed class of Symantec customers who submits a claim will receive about $50 for every purchase of the insurance add-on, according to a plaintiffs’ memo seeking approval of the settlement.

The $60 million sum includes an incentive payment of up to $10,000 each to lead

plaintiffs Devi Khoday and Danise Townsend, the Aug. 18 memo said.

A final approval hearing is scheduled for Jan. 19, according to Judge Tunheim’s order.

CLASS-ACTION CLAIMS

According to the suit, California-based Symantec automatically added “download insurance” to the virtual shopping carts of customers who bought the Norton Antivirus software over the Internet between 2005 and 2011.

The insurance, which cost from $4.99 to $16.99, allegedly gave customers the ability to re-download the software in the first 60 days after the purchase, the suit said. To refrain from buying the insurance, a customer had to affirmatively “opt out” of the purchase and remove it from the shopping cart, the suit said.

Khoday and Townsend said they purchased the insurance because they thought it was necessary if they wished to re-download the software. However, there were multiple alternative options for customers to re-download the software at no cost through both a customer support website and trialware, according to the suit.

The plaintiffs said they were deceived and would not have purchased the insurance had

they known there were other re-download options.

In a ruling earlier this year Judge Tunheim denied Symantec’s motion for summary judgment, finding a genuine fact issue as to whether the company had an obligation to disclose the other available re-download options. Khoday et al. v. Symantec Corp. et al., 93 F.Supp.3d 1067 (2015).

Judge Tunheim also rejected Symantec’s argument that the plaintiffs suffered no economic loss because the benefit they sought — a guarantee that they would be able to re-download the software beyond 60 days — is exactly what they received.

“A plaintiff may prove detrimental reliance on a material omission and recover damages if, ‘had the omitted information been disclosed, [the plaintiff] would have been aware of it and behaved differently,’” the judge said, citing Mirkin v. Wasserman, 5 Cal. 4th 1082 (Cal. 1993).

In his latest order, Judge Tunheim noted the settlement agreement is not to be deemed as an admission of liability or fault by the defendants or by any other party or person. WJ

Related Court Document: Complaint: 2011 WL 334412


TRADEMARK

‘IntelliJet’ trademark grounded in suit against plane companyBy Patrick H.J. Hughes, Managing Editor, Westlaw Daily Briefing

Private-plane company NetJets Inc. could not enforce its federally registered “IntelliJet” trademark for its plane-leasing software against IntelliJet Group LLC because the mark never should have been registered, an Ohio federal judge has ruled.

The same evidence showed that the mark was void ab initio, and never should have been registered, the judge said. Therefore, NetJets could not bring infringement claims under the Lanham Act.

Judge Frost, however, noted that NetJets could still pursue common law infringement claims if a likelihood of confusion existed.

The judge went through the eight-factor test established in Frisch’s Restaurant Inc. v. Shoney’s Inc., 759 F.2d 1261 (6th Cir. 1985), that courts in the 6th Circuit consider for determining a likelihood of confusion.

Addressing the strength-of-the-mark factor of the Frisch test, Judge Frost said the mark was merely suggestive and “on the weaker end of the spectrum for suggestive marks.”

The judge also found the parties’ services were “not directly competitive” and that the mark was “commercially weak” given that were only two potential leases to external customers in the mark’s 20-plus year existence.

Judge Frost’s analysis of remaining Frisch factors failed to “impact the ultimate conclusion in this case,” he said.

Finding the registered mark to be invalid, NetJets’ common law rights to the mark to be weak and no likelihood of confusion, the judge granted summary judgment for IntelliJet on all claims. WJ

Attorneys:Plaintiffs: Jeffrey S. Standley, Beverly Ann Marsh and Fred Michael Speed Jr., Standley Law Group, Dudley, Ohio

Defendant: Mary R. True and Joseph R. Dreitler, Dreitler True LLC, Columbus, Ohio

Related Court Document: Opinion: 2015 WL 5935826

NetJets Inc. et al. v. IntelliJet Group LLC, No. 12-cv-59, 2015 WL 5935826 (S.D. Ohio Oct. 13, 2015).

NetJets’ trademark infringement suit failed because evidence showed that at the time the mark was registered, only NetJets employees were using the software, U.S. District Judge Gregory L. Frost of the Southern District of Ohio said.

Columbus, Ohio-based NetJets and Jacksonville, Fla.-based IntelliJet sell and lease planes for private use. NetJets, which began as Executive Jet Aviation, has been operating since 1964. IntelliJet was founded in 2005.

In the 1990s Executive Jet Aviation developed the IntelliJet software program for managing the leasing of its planes, according to the opinion.

In July 1995 NetJets applied for — and later received — federal registration for a word-only IntelliJet trademark in the category of “computer software for managing aircraft leasing and sales.”

To confirm its continued use of the mark, NetJets in 2002 filed a combined declaration of use and incontestability, which the U.S. Patent and Trademark Office granted pursuant to Section 15 of the Lanham Act, 15 U.S.C. § 1065.

INFRINGEMENT SUIT IS AIRBORNE

NetJets and its intellectual property owner Columbia Insurance Co. filed a trademark infringement suit against IntelliJet in January 2012 in the Southern District of Ohio.

The Florida company countered, saying NetJets had never used the IntelliJet mark “in commerce,” as the term is defined in Section

45 of the Lanham Act, 15 U.S.C. § 1127, and moved to cancel the mark’s registration.

Judge Frost sided with IntelliJet, granting the company’s motion for summary judgment. NetJets Inc. v. IntelliJet Grp. LLC, No. 12-cv-59, 2013 WL 6799426 (S.D. Ohio Dec. 19, 2013).

The judge said the IntelliJet software was “simply the conduit through which NetJets provides its services.”

NetJets had never sold or licensed its software to external customers, and its related entities’ use of the software did not constitute “use in commerce,” the judge said.

A panel of the 6th U.S. Circuit Court of Appeals reversed. NetJets Inc. v. IntelliJet Grp. LLC, 602 F. App’x 242 (6th Cir. 2015).

The panel said Judge Frost had overlooked evidence indicating NetJets had licensed the IntelliJet software to an external customer that later became a related company, although no written license had been presented.

It remanded the case for further findings on whether the mark was enforceable, if NetJets had a common law interest in the IntelliJet mark and the likelihood that consumers would confuse the private-plane companies.

VOID AB INITIO

On remand, IntelliJet argued that the 2002 combined declaration of use and incontestability never should have been filed, as NetJets’ mark was not “in continuous use for five consecutive years subsequent to” the July 1995 filing.

Finding that only NetJets employees had access to IntelliJet software from 1995 to 2001 and NetJets had not marketed the software to customers during that period, Judge Frost said NetJets’ mark was not entitled to incontestable status.


ONLINE AUCTIONS

State auctioneer-licensing board trying to derail online business, attorney saysBy Elizabeth T. Brown, Esq., Managing Editor, Westlaw Daily Briefing

A Pennsylvania attorney who represents the estates of toy train collectors claims in a suit filed in Pittsburgh federal court that Pennsylvania’s auctioneer- licensing board is unlawfully restraining trade by seeking to bar him from conducting private online auctions.

Moreover, the act, by its terms, does not apply to sales conducted through Internet bidding platforms, the suit says.

BOARD’S ACTIONS

According to the complaint, the board in May 2010 twice cited AmbroseBauer for violating the act after Bauer refused to let a board representative come to his office and inspects his clients’ legal files.

Bauer says the Pennsylvania rules governing attorney conduct that require him to maintain the confidentiality of client information prevented him from complying with the board’s demands.

The board issued a final order on Sept. 15, 2014, upholding the citations and fining Bauer $1,000 and AmbroseBauer $500 for conducting auctions without a license, the suit says.

Bauer says he faces the possibility of facing criminal charges under the auctioneer-licensing act for continuing his work as an attorney.

The suit alleges the board and its members are restraining trade and monopolizing the sale of property over the Internet in violation of Sections 1 and 2 of the Sherman Act, 15 U.S.C. §§ 1 & 2.

It says there was a “concerted action among” the board and its members to “improperly and unlawfully misapply” the act to bar Internet sales, even if done on an online bidding platform.

He claims his rights to due process and equal protection under the 14th Amendment to the U.S. Constitution were violated.

Bauer seeks a declaration that the act, to the extent it attempts to claim jurisdiction over attorneys licensed to practice in Pennsylvania, unconstitutionally infringes the Pennsylvania Supreme Court’s exclusive powers to regulate the conduct of attorneys.

The suit also seeks injunctive relief, actual damages, treble damages, punitive damages, attorney fees and costs. WJ

Attorney:Plaintiff: Drew J. Bauer, pro se, Pittsburgh


Plaintiff Drew J. Bauer, a licensed attorney in Pennsylvania, is also the sole owner of AmbroseBauer Trains, which has a website advertising “private Internet auctions.” Some of the toy trains offered on the site are shown here in photos courtesy of Bauer.

Bauer v. Pennsylvania State Board of Auctioneer Examiners et al., No. 15-cv-1334, complaint filed (W.D. Pa. Oct. 14, 2015).

The Pennsylvania State Board of Auctioneer Examiners is “trying to force attorneys to become licensed auctioneers in order to sell or handle their legal clients’ property on the Internet,” according to the complaint filed by Drew J. Bauer in the U.S. District Court for the Western District of Pennsylvania.

Bauer has been a licensed attorney in Pennsylvania since 1982, the complaint says. He is also the sole owner of AmbroseBauer Trains, which has a website advertising “private Internet auctions.”

The Pennsylvania State Board of Auctioneer Examiners, based in Harrisburg, is a professional board of the state. The majority of its members are Pennsylvania-licensed auctioneers and trading assistants, the suit says.

Bauer has been collecting toy trains since the 1970s and partially financed his law school education by selling old toy trains, the suit says. He also has contributed material to several books and articles on toy trains.

TOY TRAIN AUCTIONS

After a he received a number of requests to represent the estates of toy train collectors, Bauer created AmbroseBauer in 2004, he says. Clients sign contracts that, in addition to hiring him as an attorney, give him a power of attorney to dispose of toy train collections via online bidding platforms such as eBay.

All net proceeds from the auctions Bauer conducted were placed in his interest on lawyers trust account in accordance with Pennsylvania Supreme Court rules, and all clients were paid from that account, the suit says.

The Pennsylvania Supreme Court’s rules as to education, escrow accounting, licensing, supervision and discipline for state-licensed attorneys are more extensive and restrictive than those set forth in the Auctioneer and Auction Licensing Act of 1983, 63 Pa. Stat. § 734, as amended by the Pennsylvania Auctioneer Licensing and Trading Assistant Registration Act, 63 Pa. Stat. § 734.1, for auctioneers and trading assistants, Bauer claims.


DATA BREACH

Target customers urge court to OK $10 million settlement of data breach suitBy Jason Schossler, Contributor, Westlaw Journals

Plaintiffs who allege Target Corp. failed to protect their personal financial information from a 2013 data breach have asked a federal judge to approve a $10 million settlement of their consolidated lawsuit against the nation’s second-largest retailer.

The deal also requires Target to adopt and implement several data security measures, including the appointment of a chief information security officer.

The company also must maintain a written information security program and provide security training for store employees.

In March, U.S. District Judge Paul Magnuson preliminarily approved the deal and directed the settlement administrator to begin sending out notices to all proposed class members. In re Target Corp. Customer Data Sec. Breach Litig., No. 0:14-md-02522, preliminary settlement approval granted (D. Minn. Mar. 19, 2015).

THE DATA BREACH

The litigation arose after Target publicly acknowledged in December 2013 that credit and debit card information of more than 40 million customers may have been compromised during point-of-sale transactions from Nov. 27 to Dec. 15.

Hackers obtained the lifted information through software installed on machines that customers use at Target’s brick-and-mortar stores to swipe their payment cards.

The consolidated proposed class-action complaint said Target failed to take adequate steps to prevent the breach. The suit further alleged the company failed to disclose to customers that it lacked proper computer systems and software security practices to protect their financial account and personal data.

Target also allegedly failed to provide timely and adequate notice of the breach.

REUTERS/Jim Young

No part of the settlement funds will revert back to Target, according

to the terms of the data breach settlement.

In re Target Corp. Customer Data Security Breach Litigation, No. 0:14-md-02522, motion for final approval filed (D. Minn. Oct. 9, 2015).

A memo in support of final approval calls the settlement “fair, adequate and reasonable” and one reached through “arm’s-length and strongly contested negotiations with Target’s counsel.”

The deal also provides for a “consumer-friendly process” for members of the proposed class to submit proof-of-loss claims, according to the memo filed in the U.S. District Court for the District of Minnesota.

Under the terms of the agreement, Target customers who can prove they were injured by the breach are eligible for reimbursement of up to $10,000 for unauthorized credit card charges, bank fees and other costs.

Customers also are eligible for reimbursement of two hours of “lost time,” at $10 per hour, for each type of documented loss they incurred, which may include time spent calling their banks or replacing a driver’s license

Customer claims will be submitted and processed primarily through the website TargetBreachSettlement.com, according to the agreement.

As a result of the breach, the credit and debit card account information of 40 million Target customers, and the personal information of 70 million customers, was potentially exposed to fraud, the suit said.

Judge Magnuson cleared the way for Target customers to sue over the breach last December. In denying the company’s motion to toss the case, he rejected Target’s argument that the customers lacked standing to sue because they failed to establish an injury.

“Plaintiff’s’ allegations plausibly allege that they suffered injuries that are ‘fairly traceable’ to Target’s conduct,” he wrote in his memorandum and order. In re Target Corp. Customer Data Sec. Breach Litig., 66 F. Supp. 3d 1154 (D. Minn. 2014).

In asking for Judge Magnuson’s final approval of the settlement, the plaintiffs say no part of the settlement funds will revert back to Target. After all reimbursement claims are paid, any remaining funds will be distributed to class members, the memo says.

Rust Consulting Inc. is serving as the court-appointed settlement administrator. WJ



CYBERSECURITY

Boards increase focus on cybersecurity measures, survey saysBy Pamela Park, Managing Editor, Westlaw Daily Briefing

Public company boards are increasing the time and resources they focus on cybersecurity, but often lack strategies to mitigate the risk of attacks, according to a recent survey conducted by BDO USA LLP.

that warrant the most protection — is a critical step companies should take before a cyberthreat occurs. The DOJ recommended that companies take a proactive approach to cyberattacks, stating that it is best to plan a response “before an incident occurs.”

More than one-third of respondents said their

boards have not identified all of the companies’ critical digital assets.

Accounting and consulting firm BDO found that more than two-thirds of directors reported that their boards are more involved with cybersecurity than they were one year ago.

About 70 percent of survey respondents said that they have increased the amount of money spent to defend their companies against cyberattacks over the past year, with an average budget expansion of 22 percent.

Cybersecurity oversight is becoming an increasingly important part of directors’ jobs in recent years, for which they may be held accountable. Following a large cyberbreach at Target Corp., for example, a number of shareholder plaintiffs alleged that the company’s directors breached their fiduciary duties by failing “to maintain proper internal controls” related to data security.

In addition, the 3rd U.S. Circuit Court of Appeals’ opinion in Federal Trade Commis-sion v. Wyndham Worldwide Corp., No. 14-3514, 2015 WL 4998121 (3d Cir. Aug. 24, 2015) (see Westlaw Journal Computer & Internet, Vol. 33, Iss. 7, 33 No. 7 WJCOMPI 5), opened the door for regulators to hold companies responsible for cyberbreaches.

In October the Securities and Exchange Commission brought its first case against an investment adviser, alleging that its failure to establish required cybersecurity policies and procedures compromised the personal information of about 100,000 individuals. SEC v. Donnelly, No. 15-cv-5673, 2015 WL 6125577 (E.D. Pa. Oct. 19, 2015).

COMPANIES INCREASINGLY BRIEFING BOARDS ON CYBERSECURITY

Given the increased investor and regulatory attention to cybersecurity, companies are spending more time informing their boards of the companies’ efforts to protect their technology systems.

The vast majority of directors indicated in BDO’s survey that they are briefed on cybersecurity at least once a year, with one-third reporting that they are briefed every quarter.

Those responses are a large step up from BDO’s 2014 survey, in which 71 percent of directors reported at least a yearly cybersecurity briefing and 25 percent said they were briefed quarterly. Significantly, only 13 percent of board members said they were not briefed on cybersecurity at all this year, compared with 29 percent last year.

Although boards are spending more time and money on cybersecurity, a minority have a formal plan to protect against such risks. Only 33 percent of the directors responding to BDO’s survey reported that their boards have documented the company’s “critical digital assets” and developed solutions to protect them.

More than one-third of respondents said that their boards have not identified all of the companies’ critical digital assets.

According to Department of Justice guidance issued in May, the identification of “crown jewels” — the data, assets and services

Despite that guidance, only 45 percent of directors responding to the BDO survey said their companies have an incident response plan in place, while over 20 percent were not sure whether they had such a plan.

BDO noted that its survey revealed a significant cybersecurity blind spot at the board level: cyberrisk involving third-party vendors. Just over one-third of directors said their companies have developed cyberrisk requirements that their third-party vendors must meet. Those vendors are a major source of cyberattacks, according to BDO.

While the increasing threat of a cyberattack is spurring boards to take a closer look at the security of their technologies, it appears more work is required. The results of BDO’s survey suggest that developing a plan in the event of a cyberattack and requirements for third-party vendors are two steps that boards should take to prepare for a breach. WJ


MERGERS & ACQUISITIONS

Investor sues to stop software seller Yodlee’s $660 million buyoutBy Jason Schossler, Contributor, Westlaw Journals

A stockholder in financial software developer Yodlee Inc. has alleged in a proposed class-action lawsuit that board members sold out investors for their own gain in a planned $660 million acquisition deal with wealth management software provider Envestnet Inc.

Inala v. Yodlee Inc. et al., No. 11461, complaint filed (Del. Ch. Oct. 14, 2015).

In a suit filed in the Delaware Chancery Court, Yodlee investor Suman Inala says Envestnet’s offer of $18.88 per share is unfair because it does not reflect the intrinsic value of Yodlee’s common stock.

Meanwhile, Yodlee’s top executives stand to reap millions of dollars from the merger, according to Inala.

The suit names as defendants six Yodlee board members, including President and CEO Anil Arora.

In addition, Envestnet and a subsidiary created to effectuate the merger allegedly aided and abetted the misconduct.

Based in Redwood City, Calif., Yodlee develops financial service platforms that allow users to see their credit card, bank, investment, email, travel rewards and other financial information on one screen online.

According to the complaint, the company has steadily increased in value since January, and beat year-over-year results in subscription revenue and other key metrics for the past four quarters. The company also increased revenue by 33 percent in 2014 and 26 percent in the first half of this year, the suit says.

Despite the company’s favorable financial results, Arora and the board of directors agreed to Envestnet’s offer, effectively blocking investors’ ability to share in the company’s future success, the suit says.

The offer price also undervalues Yodlee because it represents a premium of just 15 percent over the 52-week high of $16.03 per share June 22, according to the suit.

“[The] defendants failed to maximize stockholder value and to protect the interests of Yodlee’s stockholders,” the complaint says.

In addition, the sale of Yodlee advances the self-interests of the individual defendants, who are poised to receive “windfall profits” through cashed-in stock and change-of-control payments, the suit says.

Arora alone stands to receive more than $20 million, while other board members, collectively, will net more than $30 million, according to the suit.

Inala seeks an injunction preventing the defendants from completing the merger, rescission of the deal in the event it is completed, damages, costs and attorney fees. WJ

Attorneys:Plaintiff: Seth D. Rigrodsky and Brian D. Long, Rigrodsky & Long, Wilmington, Del.


WESTLAW JOURNAL INTELLECTUAL PROPERTY

This publication keeps corporations, attorneys, and indi-viduals updated on the latest developments in intellectual property law. The reporter covers developments in state and federal intellectual property lawsuits and legislation affecting intellectual property rights. It also covers impor-tant decisions by the U.S. Justice Department and the U.S. Patent and Trademark Office. Coverage includes copyright infringement, Lanham Act, trademark infringement, patent infringement, unfair competition, and trade secrets

Call your West representative for more information about our print and online subscription packages, or call 800.328.9352 to subscribe.


MERGERS & ACQUISITIONS

Dell’s $67 billion EMC buy is unfair, shareholder saysBy Jason Seashore, J.D., Senior Content Writer, Westlaw Daily Briefing

An EMC Corp. shareholder has sued in a Massachusetts court to stop computer maker Dell Inc. from acquiring the data security company for $67 billion, an allegedly too-low price that does not account for its expected growth in the cloud computing market.

REUTERS/Carlo Allegri

Barrett v. Tucci et al., No. 15-6023, complaint filed (Mass. Super. Ct., Middlesex Cty. Oct. 16, 2015).

The proposed class-action complaint, filed by shareholder Breffni Barrett in the Middlesex County Superior Court, says EMC’s directors agreed to the merger in exchange for the accelerated vesting of about $55 million of their stock options, but neglected to obtain the best price for the company.

The proposed deal calls for Dell to pay EMC shareholders about $24 in cash for each share, plus a special stock that tracks the share price of VMware Inc., a maker of cloud-based virtualization software. EMC holds a greater than 80 percent stake in the company, according to the suit.

The merger is expected to close by the middle of 2016.

The complaint names as defendants EMC Chairman and CEO Joseph Tucci and 11 directors.

It also names Round Rock, Texas-based Dell and two entities intended to facilitate the transaction.

Hopkinton, Mass.-based EMC supports businesses and service providers in transforming IT operations to an “information technology as a service” model, which fundamentally incorporates cloud computing, the suit says.

UNFAIR PROCESS AND PRICE

According to the complaint, EMC’s directors tilted the sale in favor of Dell in violation of their fiduciary duties.

For example, the directors agreed to “draconian” deal-protection devices that effectively lock out other potential suitors, the suit says.

The offer fails to take into account EMC’s strong financial results, including almost $25 billion in revenue in 2014,

and the company’s bright future, the complaint says.

Those terms include a two-month “go-shop” period structured to deter potential bidders, a five-day matching-rights provision, and a termination fee of $2 billion during the go-shop period and $2.5 billion afterward, the complaint says.

Barrett says the combined cash-plus-tracking-stock consideration of about $33 per EMC share is “grossly inadequate,” evidenced by at least three analysts who valued EMC at between $34 and $35 per share.

The proposed consideration “has already proved woefully overstated” in light of a drastic decline in VMware’s share price since the deal was announced, the suit says.

The decline means that, as of Oct. 14, the proposed consideration now equates to “less than $32 and falling,” the complaint says.

“Even that overstates the value of the proposed consideration” because the tracking stock may not be worth as much as the actual VMware shares due to low voting rights and lack of a direct claim on the VMware assets, the suit says.

Because of these factors, analysts estimate the tracking stock wills likely trade at a

discount of up to 10 percent to VMware’s share price, the suit says.

The consideration also fails to take into account EMC’s strong financial results, including almost $25 billion in revenue in 2014, and the company’s bright future due to being “extremely well-poised to capitalize on the continuing growth of the cloud computing market,” the complaint says.

The directors allegedly were motivated to sell now, rather than wait for EMC’s long-term advantages to accrue, by the prospect of accelerated options. Tucci alone would get about $42 million in the options deal, the suit says.

The complaint accuses Dell and the merger entities of aiding and abetting the individual defendants’ alleged breaches of their fiduciary duty.

Barrett seeks an injunction preventing the defendants from completing the merger, rescission of the deal in the event it is completed, damages and costs.

A similar suit based on the same events was filed recently in another Massachusetts state court. IBEW Local No. 129 Benefit Fund v. Tucci et al., No. 15-3130, complaint filed, 2015 WL 6084832 (Mass. Super. Ct., Suffolk Cty. Oct. 15, 2015). WJ

Attorney:Plaintiff: Theodore M. Hess-Mahan, Hutchings, Barsamian, Mandelcorn & Robinson, Wellesley Hills, Mass.



SECURITIES FRAUD

Tech firm duped investors with rosy projections, suit saysBy Nicole Banas, Senior Content Writer, Westlaw Daily Briefing

Extreme Networks Inc.’s top executives falsely projected that the computer networking company’s partnerships with other technology firms would drive significant revenue growth, according to a shareholder lawsuit filed in San Francisco federal court.

Berger stepped down later that month, and the company’s new CEO was “forced to admit” that a number of the previous statements about the Enterasys integration and the Lenovo partnership were false, the complaint says.

According to the suit, the defendants failed to tell investors that Extreme had not integrated Enterasys’ sales force, which impaired its ability to resolve issues with delayed or canceled sales, steep discounting and inefficiently processed orders.

They also concealed that Lenovo was “unprepared or unwilling” to begin selling Extreme’s products during the planned timeframe or in the amounts necessary to support financial forecasts, the complaint says.

The defendants allegedly violated the anti-fraud and control-person provisions in Sections 10(b) and 20(a) of the Securities Exchange Act of 1934, 15 U.S.C. §§ 78j(b) and 78t(a).

Plaintiff shareholder Jui-Yang Hong is seeking compensation for investors who purchased the company’s shares over a 15-month period ending April 9. WJ

Attorneys:Plaintiff: Shawn A. Williams and Kenneth J. Black, Robbins Geller Rudman & Dowd, San Francisco


Extreme Networks and its top officers violated federal

securities law by hyping expected double-digit

revenue growth in 2015, the complaint says.

Hong v. Extreme Networks Inc. et al., No. 15-cv-4883, complaint filed (N.D. Cal. Oct. 23, 2015).

The proposed class-action suit says Extreme fell $10 million short of its projected third-quarter revenue because of sales issues related to its 2013 acquisition of Enterasys Networks Inc. and partnership with Chinese computer maker Lenovo.

Extreme, former CEO Charles Berger, ex-Chief Financial Officer John Kurtzweil and CFO Kenneth Arola violated federal securities law by hyping expected double-digit revenue growth in 2015, according to the complaint filed in the U.S. District Court for the Northern District of California.

San Jose, Calif.-based Extreme provides software-driven networking solutions to customers in more than 80 countries.

The company generates the bulk of its sales by partnering with other technology firms to create “bundled” product packages, the suit says.

BRIGHT FORECAST

According to the complaint, Extreme announced in 2013 that it had acquired competitor Enterasys and partnered with Lenovo.

In an earnings call Nov. 4, 2013, Kurtzweil said Extreme expected to realize up to $40 million in synergies within 12 to 15 months, the suit says.

While the company reported “uneven though generally positive revenue growth” throughout 2014, it falsely assured investors that it had integrated Enterasys’ sales force and developed the Lenovo partnership, the suit says.

The defendants repeatedly projected 10 percent revenue growth by the end of 2015, even as they revealed disappointing financial results in May and October 2014, according to the suit.

Extreme allegedly backed off its ambitious growth forecast in January, blaming delays in Lenovo’s acquisition of IBM’s server business.

DISAPPOINTING REALITY

The complaint says Extreme had projected third-quarter revenue of between $130 mil-lion and $140 million, but revealed April 9 that it had generated only about $120 million.

The company also announced the departure of its chief revenue officer, who had been appointed just six months earlier.

Extreme’s share price tumbled nearly 25 percent on the news, to close at $2.50 per share April 10, according to the suit.


ALISON FRANKEL’S ON THE CASE

In SCOTUS petition, Apple claims 2nd Circuit used wrong antitrust standardBy Alison Frankel

(Reuters) - The e-books antitrust scheme alleged by the Justice Department against Apple and five major book publishers was what’s known in antitrust lingo as a hub-and-spoke conspiracy, in which a central player supposedly enables industry competitors to fix their prices.

REUTERS/Mike Segar

Apple’s conduct as the supposed enabler

of the price-fixing scheme presents a more complicated question of

antitrust law.

Now Apple is asking the U.S. Supreme Court to clarify what standard of review should apply to the conduct of that central player: Is its alleged participation a per se violation of antitrust law, as price-fixing amongst competitors is deemed to be? Or should courts be required to evaluate the enabler’s actions under the more forgiving “rule of reason” standard, which takes into account the potentially pre-consumer consequences of restraints on trade? Apple Inc. v. United States, No. 15-565, petition for cert. filed, 2015 WL 6690391 (U.S. Oct. 28, 2015).

investigated those agreements and found substantial evidence of industry collusion to bust Amazon’s monopoly, the publishers all entered consent decrees.

Price-fixing conspiracies among competitors are so obviously anticompetitive that they are considered a per se violation of the Sherman Act, 15 U.S.C. § 1. But Apple’s conduct as the supposed enabler of the price-fixing scheme presents a more complicated question of antitrust law. Apple, after all, isn’t a book publisher and doesn’t compete directly with publishers. In the e-books sales chain, it sits on a different level than publishers.

U.S. District Judge Denise Cote and a divided 2nd U.S. Circuit Court of Appeals nevertheless held Apple liable for a per se violation of antitrust law, rejecting the company’s arguments that it wasn’t part of a horizontal price-fixing conspiracy and its conduct actually promoted competition in the e-books market. United States v. Apple Inc., 952 F. Supp. 2d 638 (S.D.N.Y. 2013); United States v. Apple Inc., 791 F.3d 290 (2d Cir. 2015).

The company’s new petition for certiorari contends the lower courts should not have used the per se standard in its case. According to Apple, under the Supreme Court’s 2007 decision in Leegin Creative

Leather Products Inc. v. PSKS Inc., 551 U.S. 877, Apple’s conduct should have been subject to rule-of-reason review, not per se analysis. (Leegin, as you may recall, held that so-called vertical price restraints between a manufacturer and distributor are subject to the rule of reason.)

Though the 2nd Circuit majority said Leegin did not address hub-and-spoke cases, Apple said dissenting judge Dennis Jacobs correctly read Leegin precedent when he concluded that rule-of-reason analysis should have applied.

Judge Jacobs was also right, according to Apple, to find the 2nd Circuit majority’s holding is at odds with the 3rd Circuit’s 2008 decision in Toledo Mack Sales & Service Inc. v. Mack Trucks Inc., 530 F.3d 204.

In that case, an Ohio Mack dealer claimed Mack Truck conspired with other dealers to keep truck prices artificially high. The 3rd Circuit, citing Leegin, said the scheme should be analyzed under the rule of reason even though Mack Trucks’ involvement at the center of the hub was supposedly to support illegal price-fixing by the other dealers.

Apple’s cert petition argues that if the Justice Department’s case against the company had been tried in the 3rd Circuit, the company would have been entitled to rule-of-reason review. It called on the Supreme Court to step in to resolve the split.

Alison Frankel updates her blog, “On the Case,” multiple times throughout each day on WestlawNext Practitioner Insights. A founding editor of Litigation Daily, she has covered big-ticket litigation for more than 20 years. Frankel’s work has appeared in The New York Times, Newsday, The American Lawyer and several other national publications. She is also the author of “Double Eagle: The Epic Story of the World’s Most Valuable Coin.”

In case you’ve forgotten the background of the government’s case, book publishers supposedly believed their best shot at breaking Amazon’s control over the e-books market was to work with Apple on an alternative distribution model that let them set their own prices for e-books. They all entered nearly identical agreements with Apple. Then after the government


“This court should grant the petition, confirm that vertical activity, undertaken for bona fide, potentially pro-competitive purposes, is not transformed into per se illegal conduct merely because it also has been found to facilitate horizontal collusion, and overturn the Court of Appeals’ erroneous application of the per se rule,” the petition said.

Apple’s fallback argument is that the 2nd Circuit ignored the Supreme Court’s directive to use per se analysis only in cases classic antitrust conspiracies. The e-books situation, according to Apple, was anything but.

“No court had ever considered the constellation of contract terms at issue here, let alone conclusively determined their effects on competition in this market,” the petition said. “Given that the courts have never addressed the unique combination of business arrangements present here or the resulting complex economic analysis that is required, this is decidedly not an appropriate case in which to forgo inquiry into real-world competitive effects.”

Interestingly, Apple’s counsel of record on the cert petition, which was filed Oct. 28, is Seth Waxman of Wilmer Cutler Pickering Hale & Dorr. Wilmer frequently represents Apple, and Waxman, of course, is one of the country’s leading Supreme Court advocates. But so are the lawyers at Gibson Dunn & Crutcher, which represented Apple at trial before Judge Cote and at the 2nd Circuit. In fact, Gibson partner Theodore Olson actually argued and won Leegin, the Supreme Court case at the heart of Apple’s argument that it was entitled to rule-of-reason analysis.

Gibson Dunn is still on Apple’s papers as co-counsel. WJ

Related Court Document: Petition: 2015 WL 6690391

NEWS IN BRIEF

PORTLAND SEEKS $2.5 MILLION FROM HOME-SHARING SITE

HomeAway.com Inc., which operates multiple websites where people can list their homes as short-term rental properties, is illegally operating in Portland, Ore., the city has alleged in a federal court lawsuit. The City Council passed a new law, Ordinance No. 186985, on Jan. 21, 2015, that requires short-term-rental booking agents and proprietors to register with the city and to collect and remit lodgings taxes, according to the suit. The ordinance imposes a $500 penalty for each violation. The lawsuit says Austin, Texas-based HomeAway has failed to comply with the ordinance, despite receiving notifications about the new law and the company’s violations. Based on HomeAway’s alleged violations, the city seeks about $2.5 million in interest, penalties and presumptive taxes.

City of Portland, Oregon v. HomeAway.com Inc. et al., No. 15-cv-1984, complaint filed (D. Or., Portland Div. Oct. 21, 2015).


BULK METADATA PROGRAM OK UNTIL NOV. 29, COURT SAYS

The 2nd U.S. Circuit Court of Appeals has refused to enjoin the United States from collecting and using telephone metadata from various American civil rights groups while the government ends its so-called bulk telephony metadata collection program. The counterterrorism surveillance program stored details from all Americans’ telephone records, not including the calls’ content, in a searchable database. The American Civil Liberties Union and other civil rights groups asked the 2nd Circuit for an injunction after the court ruled in May that the USA Patriot Act, enacted after 9/11, did not authorize the bulk surveillance program. On June 2, however, President Barack Obama signed the USA Freedom Act, which Congress had passed in response to the May ruling. The new law gave the government 180 days to dismantle its old surveillance program and to implement new, targeted counterterrorism methods. The 2nd Circuit on Oct. 29 deferred to the other government branches on the 180-day transition period, refusing to rule on the civil rights groups’ allegations of constitutional violations for the short time the program will remain in place. The current program is scheduled to end Nov. 29, according to an Aug. 28 Justice Department statement.

American Civil Liberties Union et al. v. Clapper et al., No. 14-42-cv, 2015 WL 6516757 (2d Cir. Oct. 29, 2015).

Related Court Document: Oct. 29 opinion: 2015 WL 6516757 May 7 opinion: 2015 WL 2097814

See Document Section D (P. YY) for the Oct. 29 opinion.

SLOW ADOPTION FOR E-DISCOVERY TOOLS, REPORT SAYS

Companies have been slow to adopt technological advances in electronic discovery such as technology-assisted review, data visualization and mobile document review, according to a report from BDO Consulting. The report surveyed 140 senior in-house counsel members at U.S. companies. Middle-market organizations, which the report defines as those with revenues between $100 million and $1 billion, are slower to adopt e-discovery technologies than larger companies with revenues over $1 billion, according to the report. The survey participants were most concerned with the “volume, variety and velocity of disparate data,” but escalating costs and regulatory activity are also sources of concern, the report said. For cross-border and international e-discovery, managing the various data privacy and security laws is the greatest challenge, with access to data and coordination with local resources also listed as hurdles, according to BDO. The report is available at http://bit.ly/1RJVoHn.


The appeals court upheld the NLRB’s decision that Three D LLC, which does business as Triple Play Sports Bar and Grille, violated the federal labor law when it interrogated the employees for their Facebook posts, threatened to discharge and discharged them for their protected activity.

SIGNIFICANT SIGNAL?

Keith A. Markel, a labor and employment partner with Morrison Cohen LLP, said the decision was somewhat expected because the employees’ Facebook posts specifically mention work-related matters that could fall under the umbrella of the labor law’s protected activity.

“The decision nonetheless signals one of the first times that the NLRB, or any court, has addressed the significance of whether a Facebook ‘like’ constitutes protected concerted activity under the act,” he said.

Tim Stephenson, a labor and employment partner at Kirkland & Ellis, also remarked about the significance of a court decision involving employees’ social media communications about employment conditions.

Right now, however, the opinion is unpublished, he pointed out.

This means the decision applies to Three D but will not generally be considered binding precedent in the 2nd Circuit or other courts, he said.

“Should the court reverse course and publish, the decision would have precedential effect in the 2nd Circuit and be more likely to be cited in other jurisdictions,” he said in an Oct. 26 email.

Neither Markel nor Stephenson was involved with the lawsuit or administrative proceedings.

Although the NLRB asked the 2nd Circuit to publish the summary order, the panel denied the motion Oct. 27.

THE NLRB DECISION

According to the board’s decision in the case, Three D employees Jillian Sanzone and Vincent Spinella participated in protected activity when they expressed on Facebook that Triple Play Sports Bar & Grille may have miscalculated employees’ tax withholdings.

Facebook ‘likes’CONTINUED FROM PAGE 1

Social media postings in the workplace

Labor and employment attorneys at major U.S. law firms speak about the recent decision in Three D LLC v. National Labor Relations Board, Nos. 14-3284 and 14-3814, 2015 WL 6161477 (2d Cir. Oct. 21, 2015), and what this case means for the future.

Westlaw Journals: Was this decision expected?

Tim Stephenson, Kirkland & Ellis: The court’s decision in this developing area of labor law is not surprising giving the extent to which circuit courts defer to the NLRB, even when they may disagree with board conclusions, as long as the court decides the board’s decision is supported by substantial evidence and is not clearly inconsistent with law.

Westlaw Journals: What will this decision mean for employees moving forward?

Keith A. Markel, Morrison Cohen LLP: Employees should appreciate that employers have access to social media and are monitoring their communications to make sure that their online posts comply with their social media policies and the law. Employees should feel good, however, that not every alleged defamatory or obscene statement posted online will result in the loss of their protections under the National Labor Relations Act. Employees nonetheless should remember to focus their online

comments, and now their “likes,” to the terms and conditions of their employment, and not personal attacks on their employers. Employees should also make sure to read their employer’s social media policies before posting anything online to make sure they fully understand and appreciate their rights before they speak their mind, especially if such comments are directed toward customers.

Westlaw Journals: What will employers now need to consider when drafting their Internet, blogging or social media policies?

Robert A. Boonin, Dykema: Many employers are wondering if they can draft valid social media policies given the NLRB’s aggressive attempts to pull in the reins on such policies. Some are forgoing having such policies and instead are opting to handle issues as they may arise under ordinary workplace conduct rules. If the employer still believes that some regulation of social media use by employees is necessary, then the policies must be carefully and narrowly drafted so that employees clearly understand where

the line is drawn and that they may engage in legal concerted activity online and thereby speak with freely with respect their wages, hours and working conditions.

Westlaw Journals: What are some takeaways from the decision?

Judith A. Williams-Killackey, Quarles & Brady: The 2nd Circuit’s decision re-emphasizes the importance of avoiding the use of vague statements in policies. Employers should consider using examples to further explain what type of conduct is prohibited under a policy as a means of clearly defining expectations and avoiding any suggestion that the policy is intended to infringe on employees’ rights under the [National Labor Relations] Act. Employers should also not expect that simply stating in a policy

that the policy is not intended to restrict activity protected by the act will somehow “save” the employer from a finding that the language in a policy is overly broad.


The Facebook thread also mentioned that they intended to raise this workplace concern at an upcoming staff meeting, the three-member panel said. Three D LLC, 361 N.L.R.B. No. 31 (Aug. 22, 2014).

Two of the panelists also found the bar’s “Internet/blogging” policy unlawful. The policy used imprecise language — it prohibited “inappropriate discussions” — which employees could reasonably construe as chilling protected activity, the panel’s majority said.

The board reversed an administrative law judge’s decision on this issue, and the 2nd Circuit panel upheld the board’s decision, affirming the bar’s blogging/Internet policy violated the workers’ rights.

LESSONS ABOUT ‘LIKING’

The 2nd Circuit’s decision shows why employers need to pay attention to their social and other media policies, Stephenson at Kirkland & Ellis said.

He also warned that employees’ Facebook posts may not always be protected.

“This is a developing area of labor law in which there will be differing opinions and different outcomes in similar factual circumstances,” he said.

Labor and employment attorney Robert A. Boonin, a member at the law firm Dykema, noted the opinion is somewhat fact-specific but cautioned what it may mean for companies seeking to discipline their employees for social media activity.

“Before employers take any action against employees for their social media postings, they should confer with counsel,” Boonin said. “Employers taking action in these cases will be walking on thin ice, so extra care is needed.”

Judith A. Williams-Killackey, a labor and employment partner at Quarles & Brady, mentioned some practical lessons employers may take away from the opinion when drafting social media policy.

“The 2nd Circuit’s decision re-emphasizes the importance of avoiding the use of vague statements in policies,” she said.

Additionally, employers should not simply state that an Internet or blogging policy is not intended to violate employees’ rights and expect that to pass scrutiny of the NLRB, she said.

“Employers should consider using examples to further explain what type of conduct is prohibited under a policy as a means of clearly defining expectations and avoiding any suggestion that the policy is intended to infringe on employees’ rights under the act,” Williams-Killackey added.

Boonin and Williams-Killackey were not involved in the lawsuit or administrative proceedings. WJ

Attorneys:Petitioner (Three D): Melissa A. Scozzafava and Eric M. Grant, Yamin & Grant, Waterbury, Conn.

Respondent (NLRB): Richard F. Griffin Jr., Heather S. Beard and Jill A. Griffin, National Labor Relations Board, Washington


See Document Section A (P. 23) for the order.

The WESTLAW JOURNALS blog is your source for the latest developments in practice areas like business and finance, IP and technology, product liability, and environmental law.

Daily postings from our attorney-editors keep you up to date on important news and analysis and provide a look at what they’re working on for future print issues of Westlaw Journals.

To access the blog, visit http://blog.thomsonreuters.com/westlawjournals


CASE AND DOCUMENT INDEX

American Civil Liberties Union et al. v. Clapper et al., No. 14-42-cv, 2015 WL 6516757 (2d Cir. Oct. 29, 2015) .............................................................. 18

Authors Guild Inc. et al. v. Google Inc., No. 13-4829, 2015 WL 6079426 (2d Cir. Oct. 16, 2015) .......................................................................................6 Document Section B .....................................................................................................................................................................................................26

Barrett v. Tucci et al., No. 15-6023, complaint filed (Mass. Super. Ct., Middlesex Cty. Oct. 16, 2015).............................................................................. 15

Bauer v. Pennsylvania State Board of Auctioneer Examiners et al., No. 15-cv-1334, complaint filed (W.D. Pa. Oct. 14, 2015) ......................................... 11

City of Portland, Oregon v. HomeAway.com Inc. et al., No. 15-cv-1984, complaint filed (D. Or., Portland Div. Oct. 21, 2015) ........................................ 18

Fagerstrom et al. v. Amazon.com Inc., No. 15–cv–96, 2015 WL 6393948 (S.D. Cal. Oct. 21, 2015) .................................................................................8

Hong v. Extreme Networks Inc. et al., No. 15-cv-4883, complaint filed (N.D. Cal. Oct. 23, 2015) .................................................................................... 16

In re Facebook Internet Tracking Litigation, No. 5:12-md-02314, 2015 WL 6438744 (N.D. Cal., San Jose Div. Oct. 23, 2015) ........................................ 7

In re Target Corp. Customer Data Security Breach Litigation, No. 0:14-md-02522, motion for final approval filed (D. Minn. Oct. 9, 2015) ........................................................................................................................................................................................................ 12

Inala v. Yodlee Inc. et al., No. 11461, complaint filed (Del. Ch. Oct. 14, 2015) ..................................................................................................................... 14

Khoday et al. v. Symantec Corp. et al., 0:11-cv-00180, preliminary settlement approval granted (D. Minn. Oct. 8, 2015) ................................................9

NetJets Inc. et al. v. IntelliJet Group LLC, No. 12-cv-59, 2015 WL 5935826 (S.D. Ohio Oct. 13, 2015) ............................................................................ 10

Three D LLC v. National Labor Relations Board, Nos. 14-3284 and 14-3814, 2015 WL 6161477 (2d Cir. Oct. 21, 2015) .....................................................1 Document Section A.....................................................................................................................................................................................................23