Finding that the Plaintiffs lacked Article III standing to pursue their case, Google, Inc. (“Google”) won dismissal of the Android users’ putative class action lawsuit after more than three years of litigation.   In re Google Inc. Privacy Policy Litigation, No. 12-01382 (N.D. CA July 15, 2015).   The Android users had claimed that Google violated its own privacy policy by disclosing personal information to third parties without permission.

In City of Los Angeles v. Patel, the Supreme Court invalidated a Los Angeles law that allowed law enforcement officials to inspect hotel and motel guest registries at any time, without a warrant or administrative subpoena. The Court ruled that the law violated hotel owners’ Fourth Amendment rights because it “penalizes them for declining to turn over their records without affording them any opportunity for pre-compliance review.”

In reaching its decision, the Court also announced two findings with implications for future lawsuits brought under the Fourth Amendment:

  1. Facial challenges to statutes are permitted under the Fourth Amendment
  2. Hotels and motels do not fall under the “pervasively regulated” exception to the warrant requirement

When are U.S. social media companies subject to European data privacy laws? As we reported in 2013, the answer is often contingent on geographic location – where the relevant data is processed. In 2013, for example, a German court ruled that Facebook was not subject to German data protection laws because the relevant data was processed in Ireland, not Germany.

However, in 2014, a different German court at the same level found, in a separate case, that Facebook could be subject to German data protection laws, finding that the relevant data was processed outside the E.U. in the United States rather than Ireland.

But geography isn’t everything.  As an Austrian court decision last week makes clear, the location of data processing is not the only potential hurdle for would-be plaintiffs bringing suit against U.S. companies in the E.U. The Vienna Regional Court dismissed a case against Facebook, not because of national borders, but because of the identity of the plaintiff and how he used his Facebook accounts.

Connecticut has joined a list of twenty-one states with a statute designed to preserve the privacy of personal online accounts of employees and limit the use of information related to such accounts in employment decision-making. Legislation directed to online privacy of employees has also passed this year in Montana, Virginia, and Oregon, and such legislation is pending in a number of other states.

On Thursday, the Digital Advertising Alliance (“DAA”) announced that it will enforce its previously issued “Application of Self-Regulatory Principles to the Mobile Environment” (the “Mobile Guidance”) beginning September 1, 2015.

Although the Mobile Guidance was initially issued in July 2013, enforcement was delayed pending the DAA’s implementation of