Previously known as the law firm “Turke & Strauss LLP” which has split up into two firms with Strauss Borelli being the data privacy litigation firm that you should be very proactive if you receive a notice that they are investigating your data protection practices. Get a free privacy audit and see what gaps you have with our privacy software that can protect you against expensive lawsuits.
A Firm in Transition—and Expansion
What began as Turke & Strauss LLP, headquartered in Madison, Wisconsin, has formally become Strauss Borelli PLLC, now based at 980 North Michigan Avenue, Suite 1610, Chicago, Illinois 60611. The rebrand reflects the elevation of Raina C. Borrelli to named partner status alongside founding attorney Samuel J. Strauss—a structural change that signals the firm’s growth trajectory in data privacy class action practice.
The move from Madison to Chicago’s Magnificent Mile is more than a change of address. It positions the firm at the center of the Northern District of Illinois’s plaintiff-side class action ecosystem, where BIPA litigation, data breach cases, and consumer privacy claims move through the courts at high volume, and where co-counsel relationships with firms like Milberg, Tycko & Zavareei, and the Arnold Law Firm are geographically and institutionally convenient.
Strauss Borelli’s practice sits at the intersection of two distinct but related privacy litigation categories that together cover most of the ways a company’s data practices can become a class action defendant: data breach litigation and health data pixel tracking. Understanding both—and understanding how the firm pursues them—is essential to assessing the risk profile it creates.
The Data Breach Docket
Pederson v. AAA Collections, Inc.
Pederson v. AAA Collections, Inc. (D.S.D., Case No. 4:22-cv-04166, filed December 2022, terminated April 2025) is among the firm’s cleaner documented breach settlements. The defendant, AAA Collections, Inc., is a debt collection agency—a company holding consumer financial information and personal identifiers by the nature of its business. Plaintiff Craig Pederson alleged that AAA Collections failed to protect that information from unauthorized access, asserting claims in negligence, unjust enrichment, invasion of privacy, breach of implied contract, and declaratory relief.
Raina Borrelli served as co-counsel alongside Terence R. Coates and others. The case proceeded to preliminary settlement approval: in October 2023, plaintiff filed an unopposed motion supported by a joint declaration of class counsel. The case terminated in April 2025 following final resolution—a roughly two-and-a-half year lifecycle from filing through settlement conclusion. The debt collection sector, which holds large volumes of consumer financial and personal data with security postures often less robust than financial institutions proper, has been a consistent data breach litigation target, and Pederson reflects Strauss Borelli’s willingness to pursue mid-market defendants as well as enterprise targets.
Prutsman v. Nonstop Administration and Insurance Services, Inc.
Prutsman v. Nonstop Administration and Insurance Services, Inc. (N.D. Cal., Case No. 3:23-cv-01131, filed March 2023, terminated March 2025, assigned to Judge Rita F. Lin) targeted a health benefits administrator—a company whose business is managing employee health insurance benefits and the personal health data that flows through that process. The case alleged that a data breach at Nonstop Administration exposed sensitive personal and health-adjacent information belonging to the company’s members.
Strauss Borelli participated as co-counsel in a multi-firm plaintiff structure that included CVN, Milberg, and the Arnold Law Firm. The litigation proceeded through contested discovery and ultimately resolved in a settlement. In December 2024, co-lead counsel Scott E. Cole and Gary M. Klinger filed a joint motion for attorney fees, supported by detailed task breakdowns from each participating firm. The “Strauss Borelli Detailed Task Breakdown” was filed as Exhibit 4 to the fee motion—reflecting the firm’s documented contribution to the litigation effort. The case terminated in March 2025 following fee and settlement approval before Judge Lin.
Garcia v. Set Forth, Inc.
Garcia v. Set Forth, Inc. (N.D. Ill., Case No. 1:24-cv-11688, filed November 2024, assigned to Judge Martha Maria Pacold) represents the firm’s most recently documented active data breach matter in federal court. Set Forth, Inc.—operating through related entities including Centrex Software—provides billing and collection services to healthcare providers across the country, handling consumer financial and health-adjacent data at substantial scale. The breach exposed consumer information across that dataset.
In February 2025, the majority plaintiffs filed a motion for appointment of lead counsel, submitting a 22-page Strauss Borelli firm resume (updated as of early 2025) as Exhibit C to the leadership application. The resume, filed at 980 N Michigan Avenue with phone number 872.263.1110 and website straussborrelli.com, documents the firm’s data breach case history—including prior matters such as Walters v. Kimpton Hotel & Restaurant Group and participation in In re Apria Healthcare Data Breach Litigation. Multiple named plaintiffs are listed in the consolidated complaint: Arthur Dekenipp, Bertha Meza, Jorge Newbery, Brian Jannone, Andrew Cheek, Rene Garcia, and Bobbie McCluskey.
In re Oracle Corporation Data Breach Litigation
The most high-profile data breach matter currently carrying the Strauss Borelli name is In re Oracle Corporation Data Breach Litigation (W.D. Tex., Case No. 1:25-cv-01805, filed November 2025, consolidated January 2026 before Judge Alan D. Albright). Oracle’s 2025 data breach—affecting enterprise data held in Oracle’s cloud infrastructure—triggered consolidated class action litigation from plaintiffs across the country. The consolidation order of January 5, 2026 formalized the matter under the style In re Oracle Corporation Data Breach Litigation after granting the unopposed portions of the plaintiffs’ motion to consolidate.
Raina Borrelli of Strauss Borelli PLLC is named as participating counsel alongside a coalition that includes Cotchett Pitre & McCarthy, Milberg, and others. Oracle’s scale as a defendant—and the enterprise sensitivity of the data held in its cloud infrastructure—makes this one of the more significant data breach matters currently in early litigation. The consolidated proceeding before Judge Albright in the Western District of Texas is at the interim leadership stage as of early 2026.
The Health Data Pixel Practice
Beyond data breach, Strauss Borelli has developed a specific litigation focus on health data pixel tracking—the use of advertising technology on hospital and healthcare website pages in ways that transmit patient-sensitive information to third-party platforms without consent.
Kaliher v. North Memorial Health Care
Kaliher v. North Memorial Health Care (D. Minn., Case No. 0:23-cv-00440, filed February 2023, assigned to Judge Katherine M. Menendez) is the firm’s most fully developed health data pixel matter in the public record. The defendant, North Memorial Health Care, is a Minnesota hospital system. The plaintiffs—Heidi Kaliher, Tracy Knight, and Gregg Lurie—alleged that North Memorial’s use of the Meta Pixel on its website caused protected health information to be transmitted to Meta Platform, Inc. without patient consent.
The legal theory is rooted in federal wiretapping statutes (18 U.S.C. § 2520, interception of wire communications) as well as related state and common law claims. The case has been actively litigated: plaintiffs filed a second amended complaint in both October and November 2024 (a refiled redacted version), indicating ongoing contested development of the factual record and legal theories through the amendment process. Co-counsel include Brian C. Gudmundson of Zimmerman Reed and others operating in the Minnesota federal court ecosystem.
The North Memorial case exemplifies the specific risk profile health data pixel tracking creates. When a hospital patient logs into a patient portal, uses a symptom checker, schedules an appointment, or navigates pages discussing specific conditions or treatments, and the hospital’s website is simultaneously running Meta Pixel, the pixel may capture and transmit to Meta information that reveals the patient’s health-seeking behavior. Even without HIPAA’s direct application to the pixel transmission itself, that capture implicates federal wiretapping statutes, California’s CMIA (for California-accessible systems), and general invasion of privacy theories. Health systems that deployed Meta Pixel across their patient-facing web properties during the 2018–2023 period—when pixel deployment was a routine marketing practice—face this specific claim.
Noftz v. KSB Hospital Foundation
Noftz v. KSB Hospital Foundation (N.D. Ill., Case No. 1:24-cv-08100, filed September 5, 2024, assigned to Judge Martha Maria Pacold) is a more recently filed hospital-defendant privacy case. Samuel J. Strauss personally signed and filed the complaint. Named plaintiffs include Chloe Noftz, Kenneth Weinstock, and Tonya Black; the case names KSB Hospital Foundation as defendant.
The case has been actively briefed on jurisdiction and standing: in October 2025, plaintiffs filed a supplemental brief on jurisdiction and standing in response to a motion to dismiss, and as of February 2026 the parties were still filing joint responses to court orders regarding case scheduling. The ongoing jurisdiction and standing briefing reflects the post-TransUnion federal court landscape in which Article III injury-in-fact arguments are a primary defense battleground in digital privacy cases—and reflects Strauss Borelli’s willingness to litigate through these threshold challenges rather than withdraw.
The TCPA Roots: Evans v. AP Gas & Electric
Any accurate profile of the firm’s litigation history has to acknowledge that Strauss Borelli’s predecessor, Turke & Strauss LLP, built its class action foundation partly in TCPA (Telephone Consumer Protection Act) litigation—consumer protection cases involving unwanted telemarketing calls and texts—before migrating its focus toward data privacy.
Evans v. AP Gas & Electric (TX), LLC (S.D. Ohio, Case No. 2:17-cv-00515, filed June 2017, terminated May 2019, assigned to Chief Judge Edmund A. Sargus) is an early marker in the firm’s history. Samuel J. Strauss of Turke and Strauss LLP was provisionally appointed as class counsel in December 2018 alongside Anthony Paronich of Paronich Law. Judge Sargus granted final approval of the class action settlement and awarded attorney fees in May 2019.
The TCPA background is directly relevant to understanding the firm’s current practice: both TCPA and digital privacy class actions share the same structural DNA—statutory damages per violation, no proof of actual harm required, class certification as the critical leverage point, and settlement as the predominant resolution. The transition from TCPA to data privacy is a well-worn path in plaintiff-side consumer protection litigation, and Strauss Borelli walked it with growing sophistication.
The VPPA Vector: Alhindi v. Metropolis Technologies
Strauss Borelli’s engagement with VPPA is nascent but present. In Alhindi v. Metropolis Technologies, Inc. (M.D. Tenn., Case No. 3:24-cv-00748, filed June 2024, assigned to Judge William Lynn Campbell Jr.), Raina Borrelli appears as co-counsel alongside Philip Fraietta and Christopher Brochu. The defendant, Metropolis Technologies, is a parking technology company—an unconventional VPPA target that illustrates how broadly the statute’s video content analysis is now being applied.
The consolidated amended complaint filed in October 2025 invokes VPPA in the context of Metropolis’s digital platform and the transmission of video-viewing related data through pixel infrastructure. The case remains active in the Middle District of Tennessee.
What the Firm’s Practice Architecture Reveals
Reading Strauss Borelli’s docket as a unified whole, several structural features emerge:
Health Sector Prioritization. The firm’s pixel practice has concentrated on hospital systems and health benefits administrators—defendants where the sensitivity of the underlying data (health information, patient behavior, insurance data) amplifies both litigation risk and settlement motivation. North Memorial and KSB Hospital Foundation are regional health systems; Set Forth and Nonstop Administration are health-adjacent financial services companies. The pattern is not coincidental.
Co-Counsel Integration. Across its larger matters, Strauss Borelli consistently operates within multi-firm plaintiff coalitions: with Milberg in Garcia/Set Forth and Prutsman/Nonstop; with Gudmundson’s firm in Kaliher/North Memorial; with Cotchett in the Oracle matter. This reflects a deliberate positioning as a capable co-counsel partner—a firm with sufficient expertise and credibility to carry significant case weight, but one that leverages coalition structure to access matters beyond any single firm’s resource capacity.
Escalating Defendant Size. The trajectory from AAA Collections (a regional debt collector) to Oracle Corporation (a global cloud infrastructure giant) reflects a firm building toward the highest-profile tier of data breach litigation. The Oracle matter, if it develops toward a significant settlement, would represent a capstone case for a firm that spent the 2018–2023 period developing class action credentials in the mid-market data breach space.
Standing and Jurisdictional Tenacity. The ongoing jurisdictional briefing in Noftz v. KSB Hospital Foundation through late 2025 and into 2026 signals that Strauss Borelli is not a firm that folds when defendants mount threshold challenges. The Article III standing disputes that now characterize most digital privacy cases require a specific kind of litigation staying power—and the firm’s willingness to brief supplemental standing arguments two years after filing suggests it has it.
The Compliance Implications
The Strauss Borelli docket translates directly into a compliance agenda for the industries it targets:
Health System Web Properties: Any hospital, health system, or health benefits administrator that deployed Meta Pixel, Google Analytics, or equivalent advertising technology on patient-facing web pages—appointment schedulers, symptom checkers, patient portals, condition pages—should audit whether health-adjacent data was transmitted to advertising platforms, assess ongoing exposure under wiretapping statutes, and evaluate remediation options. The Kaliher and Noftz cases are templates for the claims that flow from that deployment history.
Data Security at Mid-Market Scale: The AAA Collections and Prutsman cases are a reminder that data breach litigation is not confined to Fortune 500 defendants. Debt collectors, benefits administrators, and regional healthcare finance companies hold large volumes of sensitive consumer data and face class action risk proportional to the breach size—not the company’s market capitalization. Security investment and documented security programs are the only durable defense.
Enterprise Cloud and SaaS: The Oracle matter signals that Strauss Borelli has aspirations beyond regional health systems. Enterprise software and cloud infrastructure providers that hold client data—and whose breaches affect the clients’ customers downstream—are on the firm’s radar at the highest level.
Her firm has grown, moved to Chicago, promoted a partner, and rebranded—a trajectory that says as much about the state of data privacy litigation as any case on its docket.
Protect against expensive data privacy lawsuits today and get a free demo on how our software protects businesses small and large across the board.
