December 9, 2022

Volume XII, Number 343

Advertisement

December 08, 2022

Subscribe to Latest Legal News and Analysis

December 07, 2022

Subscribe to Latest Legal News and Analysis

December 06, 2022

Subscribe to Latest Legal News and Analysis

Class Action Filed Against Commonwealth of Massachusetts for Alleged COVID-19 Contact-Tracing Spyware Installation

This week, a lawsuit was filed in the U.S. District Court of Massachusetts against the Commonwealth of Massachusetts for its use of a COVID-19 contact-tracing app for residents’ mobile phones. However, very few residents voluntarily downloaded the app. The solution? The lawsuit alleges that Massachusetts caused the app to be downloaded to certain residents’ mobile devices without consent or knowledge. The complaint alleges that “on June 15, 2021, [the Massachusetts Department of Public Health (DPH)] worked with [a third party application developer] to secretly install the Contact Tracing App onto over one million Android mobile devices located in Massachusetts without the device owners’ knowledge or permission.” The complaint further alleges that “[w]hen some Android device owners discovered and subsequently deleted the App, DPH would re-install it onto their devices. The App causes an Android mobile device to constantly connect and exchange information with other nearby devices via Bluetooth and creates a record of such other connections. If a user opts in and reports being infected with COVID-19, an exposure notification is sent to other individuals on the infected user’s connection record.”

The complaint also alleges that the app collected information about the user’s travel, social interactions and internet usage. The app was installed as a “settings feature” instead of an “applications file” in order to remain unnoticed.

The lawsuit alleges violations of the Fourth and Fifth Amendments to the U.S. Constitution, Articles XIV and X of the Massachusetts Declaration of Rights, and the Computer Fraud and Abuse Act. The class seeks an injunction against continued use of the spyware and an order requiring the DPH to remove the spyware from users’ mobile devices. The class also seeks to recover attorneys’ fees and $1 for symbolic damages.

Copyright © 2022 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XII, Number 327
Advertisement
Advertisement
Advertisement

About this Author

Kathryn Rattigan Attorney Cybersecurity Data Privacy
Associate

Kathryn Rattigan is a member of the firm's Business Litigation Group and Data Privacy + Cybersecurity Team. She advises clients on data privacy and security, cybersecurity, and compliance with related state and federal laws. Kathryn also provides legal advice regarding the use of unmanned aerial systems (UAS, or drones) and Federal Aviation Administration (FAA) regulations. She represents clients across all industries, such as insurance, health care, education, energy, and construction.

Data Privacy and Cybersecurity Compliance

Kathryn helps clients comply...

401-709-3357
Advertisement
Advertisement
Advertisement