In a reversal, the 9th U.S. Circuit Court of Appeals recently decided a privacy case against Bloomingdale's, ruling that the retailer violated the California Invasion of Privacy Act (CIPA) when it tracked an online shopper's movement without consent. The decision indicates the court's favorable sentiment concerning protecting citizens' privacy and a shift in its approach to the wiretapping statute, Loeb & Loeb privacy lawyer Allison Cohen blogged.

Education technology vendor Instructure renewed its request that a district court dismiss a privacy suit against it, arguing that the plaintiffs failed to allege constitutional violations or invasion of privacy, and didn't prove violations of California law.

Illinois asked a federal court Monday to dismiss a DOJ workplace privacy suit, arguing that the federal government failed to state a claim, and that federal immigration law does not preempt state privacy law. In May, the DOJ sued Illinois over a workplace privacy law that allegedly disrupts federal immigration authority (see 2505050065).

Affirming a circuit court's earlier ruling, an Illinois appellate court Tuesday certified class for railway workers who want to file a class-action suit claiming violations of the state's Biometric Information Privacy Act (BIPA). Plaintiffs in case 1-24-1961 allege that railway industry service provider ITS Technologies' use of employee biometric information for time clocks violates the state statute.

A federal judge Wednesday denied Mississippi Attorney General Lynn Fitch's request for a stay of an injunction blocking a social media age-verification law. Fitch (R) asked for the injunction to be lifted while an appeal of case 24-00170 was pending at the 5th U.S. Circuit Court of Appeals (see 2506200009).

Multi Media asked a federal court on Monday to drop a suit against the porn site, claiming the plaintiff failed to state a claim. Multi Media was one of four adult websites sued in the U.S. District Court for Kansas on May 12 for allegedly violating Kansas law by failing to implement age verification on their sites (see 2505130023).

Microsoft sought dismissal of a lawsuit alleging it improperly collects ad data in a way that mimics surveillance and can identify individual users. It argued Monday that plaintiffs in case 25-00570 -- individuals who used Microsoft to access various websites -- were attempting to "stretch common-law privacy and wiretap laws beyond their intended scope.”

Maryland Attorney General Anthony Brown (D) on Monday asked for the dismissal of a lawsuit from NetChoice over the state’s Age-Appropriate Design Code (MAADC) Act, arguing that the trade association failed to state a claim and lacked jurisdiction.

A judge ordered the U.S. Office of Personnel Management (OPM) and the Department of Government Efficiency (DOGE) to submit reports summarizing DOGE employees' access to sensitive data and how those staffers were trained, in order to prove that they didn't violate the Privacy Act.

A court dismissed a class action lawsuit against the NFL that alleged the league violated the Video Privacy Protection Act (VPPA) by employing the Meta-tracking pixel without user notice and consent. Issued Friday, the summary order ruled that an "ordinary person" could not determine a user's Facebook ID through the pixel's transmission.