In December 2024, Jonathan Gabrielli filed several claims alleging that Motorola Mobility LLC (Motorola) misrepresented its data usage policy and shared his personal data with third parties, including Google, Amazon, and...more
Before assuming his new role as Executive Director for the California Privacy Protection Agency (CPPA), Tom Kemp served as a volunteer policy advisor on the Delete Act in 2023 and California’s 2020 ballot initiative, which...more
The 1988 Video Privacy Protection Act (VVPA) prohibits the disclosure of VHS rental history; now, in a recent class action where the VPPA was invoked by the plaintiffs, the parties’ voluntary settlement signals developments...more
Finally, after providing the building blocks for strong Information Governance (IG) programs and operationalizing that framework, we discuss how to sustain your IG program in the last part of the series. An effective IG...more
In a significant win for Royal Caribbean Cruises, a federal judge dismissed a lawsuit that alleged the cruise line’s website violated a California privacy law by using a TikTok tracking tool. The case, Kishnani v. Royal...more
Last week, we introduced you to the ARMA IGIM Framework. What’s next? Every successful Information Governance (IG) program starts with a strong base....more
On July 1, 2025, California Attorney General Rob Bonta announced a settlement with Healthline Media LLC stemming from alleged violations of the state’s consumer privacy law, the California Consumer Privacy Act (CCPA)....more
Are you storing sensitive data on a shared network drive? If so, your organization could be at serious risk of a data breach or privacy lawsuit. Shared drives, like the common “S:\ drive,” are often used to store documents,...more
On June 6, 2025, President Donald Trump signed two executive orders aimed at significantly reshaping the future of drone policy in the United States. One focuses on protecting national airspace from malicious drone threats,...more
6/23/2025
/ Aircraft ,
Drones ,
Executive Orders ,
Export Controls ,
Federal Aviation Administration (FAA) ,
Government Agencies ,
Innovation ,
National Security ,
Regulatory Reform ,
Regulatory Requirements ,
Supply Chain ,
Technology Sector
On June 3, 2025, the California Senate unanimously passed Senate Bill 690 (SB 690) in a 35-0 vote, a strong show of support for reining in a flood of lawsuits that have taken many companies by surprise over the last few...more
In a surprising move, China-based DJI, the world’s largest drone manufacturer, is not flinching at the prospect of tighter U.S. restrictions on Chinese drone companies. In fact, they’re embracing it....more
It’s 2025, and somehow, we’re still dealing with lawsuits over a law that was born in the pen registers and rotary phones era. That law, the California Invasion of Privacy Act (CIPA), a decades-old statute that’s suddenly...more
What do a global sportswear giant and a prestigious medical center have in common? Apparently, a shared struggle defending data breach lawsuits for breaches of sensitive personal information caused by third-party vendors....more
CYBERSECURITY - U.S. Retailers Bracing for Scattered Spider Attacks - Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been...more
5/30/2025
/ Artificial Intelligence ,
CIPA ,
Class Action ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Security ,
Privacy Laws ,
Ransomware ,
State Data Privacy Laws ,
Web Tracking
This week, the U.S. District Court for the Northern District of California ruled in favor of children’s clothing retailer Janie & Jack, which sought to enjoin over 2,400 individual arbitration claims resulting from alleged...more
A new wave of state consumer privacy laws focused on limiting data collection is creating anxiety among businesses—and Maryland is leading the charge. The Maryland Online Data Privacy Act (MODPA), set to take effect in...more
U.S. companies are running out of time to comply with a sweeping new Department of Justice (DOJ) rule that limits sharing sensitive personal data with certain foreign countries—including China, Russia, and Iran. With a hard...more
Pennsylvania-based Chord Specialty Dental Partners is under fire after a September 2024 data breach compromised the personal information of over 173,000 individuals. At least seven proposed class action lawsuits have been...more
5/23/2025
/ Class Action ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Dental Practice ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Personal Information ,
Privacy Laws
In yet another reminder that California takes data privacy seriously, this month, the California Privacy Protection Agency (CPPA) fined Florida-based data broker Jerico Pictures, Inc. (d/b/a National Public Data) $46,000 for...more
AI service provider Serviceaide Inc. faces two proposed class action lawsuits from a data breach tied to Catholic Health System Inc., a nonprofit hospital network in Buffalo, New York. The breach reportedly exposed the...more
This month, the California Privacy Protection Agency (CPPA) Board discussed updates to the California Consumer Privacy Act (CCPA) draft regulations related to cybersecurity audits, risk assessments, automatic decision-making...more
The California Consumer Privacy Protection Agency (CPPA) Board issued a stipulated final order against Todd Snyder, Inc., a clothing retailer based in New York, requiring the company to pay a $345,178 fine and update its...more
Video game developer Ubisoft, Inc. came out on top earlier this month in the Northern District of California when a judge dismissed, with prejudice, a class action claiming that the company’s use of third-party website pixels...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff—someone who visits websites to initiate litigation—cannot bring a claim under the California Invasion of Privacy Act (CIPA)....more
Yahoo’s ConnectID is a cookieless identity solution that allows advertisers and publishers to personalize, measure, and perform ad campaigns by leveraging first-party data and 1-to-1 consumer relationships. ConnectID uses...more