18th Annual Workplace Class Action Report - 2022 Edition

Annual Workplace Class Action Litigation Report: 2022 Edition 669 speculative." Id . at *22. Finally, Defendant argued that Plaintiff failed to state a viable BIPA claim because he consented to the collection of his biometric information. The Court, however, found that Plaintiff only provided written consent six months after he filed his lawsuit. For these reasons, the Court denied Defendant’s motion to dismiss. Gardiner, et al. v. Walmart Inc. , 2021 U.S. Dist. LEXIS 75079 (N.D. Cal. March 5, 2021). Plaintiff, an online retail consumer, filed a class action alleging that Defendant’s data breach led to his and others’ personal identifying information (“PII”) being shared on the dark web. Plaintiff brought claims for violations of the California Consumer Privacy Act ("CCPA"), negligence, violation of California’s Unfair Competition Law ("UCL"), breach of express contract, breach of implied contract, and breach of the implied covenant of good faith and fair dealing. Defendant filed a motion to dismiss, which the Court granted. Plaintiff alleged that he and the proposed class members suffered economic damages and actual harm in the form of: (i) the improper disclosure of their PII; (ii) the imminent injury flowing from potential fraud and identity theft; (iii) non-existent notification of the data breach; (iv) ascertainable losses in the form of out-of-pocket expenses and value of time spent mitigating the data breach’s effect; (v) losses in the form of deprivation of value of their PII; and (vi) overpayments for the goods purchased from Defendant. Id . at *3. The Court dismissed the CCPA claim. It reasoned that to assert the claim, Plaintiff had to allege that Defendant’s practices led to the data breach after January 1, 2020, when the law went into effect, and the complaint was devoid of the date of the alleged breach. The Court also determined that Plaintiff failed to establish that there was disclosure of his personal information with specificity to allege a claim. The Court also dismissed the claims for negligence, breach of contract and violations the UCL, since that Plaintiff failed to sufficiently allege an injury. For these reasons, the Court dismissed Plaintiff’s action with leave to amend. Hart, et al. v. TWC Product & Technology , 2021 U.S. Dist. LEXIS 52683 (N.D. Cal. March 17, 2021). Plaintiff filed a class action alleging that Defendant’s weather mobile application tracked users and sold the user locations to third-parties without permission in violation of the privacy rights contained the California Constitution, the California Consumer Legal Remedies Act (“CLRA”), and California Unfair Competition Law. Defendant filed a motion to dismiss, which the Court granted in part and denied in part. The Court explained that in order to allege a violation of privacy under the California Constitution, a Plaintiff must establish that: (i) there was a reasonable expectation of privacy, and (ii) the intrusion was highly offensive. Id. at *9. Defendant contended that Plaintiff could not satisfy the reasonable expectation of privacy element because he consented to disclosure of his location data when he downloaded the app and Defendant adequately disclosed its data gathering policies in its privacy policy. The Court, however, noted that case law authorities routinely rejected arguments on consent barring privacy claims. Turning to the second element, the Court explained that the Ninth Circuit recently concluded the "the ultimate question" of whether certain practices "could highly offend a reasonable person is an issue that cannot be resolved at the pleading stage." Id . at *10. Accordingly, the Court found that Plaintiff’s allegations that Defendant allegedly tracked, stored, and shared precise location data on a continuous basis were sufficient to plausibly allege that the intrusion of privacy was highly offensive. Id . at *11. The Court also concluded that Plaintiff adequately alleged a threat of further harm from additional data sharing with third-parties, and found that Defendant cited no valid case law authority to support the proposition that an injunction against further data sharing would prevent such harm. Id . at *17. The Court therefore denied the motion to dismiss the claim for violation of the California Constitution. Plaintiff did not contest dismissal of the CLRA claim, and therefore the Court granted the motion as to that claim. Regarding Plaintiff’s UCL claim, Defendant asserted that Plaintiff lacked statutory standing because he failed to allege sufficient economic injury. The Court agreed and dismissed the UCL claim for lack of statutory standing. However, the Court ruled that Plaintiff sufficiently alleged that he did not receive the benefit of his bargain because he never agreed to share all his location data with Defendant sufficient to allege unjust enrichment. For these reasons, the Court granted in part and denied in part Defendants’ motion to dismiss. Heard, et al. v. Becton, Dickinson & Co., 524 F. Supp. 3d 831 (N.D. Ill. 2021). Plaintiff filed a class action alleging that Defendant, a medical device manufacturers, violated several provisions of the Illinois Biometric Information Privacy Act (“BIPA”). Plaintiff contended that at the hospital where he was employed, he was required to enroll his fingerprint with Defendant’s devices and to scan his fingerprint. Plaintiff asserted that Defendant collected his fingerprint data and stored it on its servers, and brought claims for: (i) violation of