On July 24, 2025, the California Privacy Protection Agency (CPPA) Board held a public meeting to finalize major amendments to the CCPA regulations, including rules on Automated Decision-Making Technology (ADMT), risk...more
On June 25, 2025, Governor Ned Lamont signed Connecticut Senate Bill 1295 into law. SB 1295 significantly amends the Connecticut Data Privacy Act (CTDPA) by lowering the threshold for applicability, broadening the definition...more
A federal court in Illinois has dismissed a class action suit filed under the Illinois Biometric Information Privacy Act (BIPA), finding that Hyundai did not “collect, capture, or otherwise obtain” biometric data by use of...more
In a significant win for the defense, a California federal judge denied class certification in a California Invasion of Privacy Act (CIPA) suit alleging that AddShoppers and Peet’s Coffee unlawfully tracked website visitors...more
7/2/2025
/ California ,
CIPA ,
Class Action ,
Class Certification ,
Cookies ,
Data Collection ,
Data Privacy ,
Invasion of Privacy ,
Litigation Strategies ,
Privacy Laws ,
Web Tracking ,
Websites
Here are some recent privacy and cybersecurity related news stories that caught our attention over the past couple of weeks.
California Privacy Protection Agency (CPPA) Issues New Proposed Regulations -
The CPPA has...more
On April 7, 2025, Arkansas passed the Arkansas Children and Teens’ Online Privacy Protection Act (HB 1717) - a state law modeled closely after the federal Children and Teens’ Online Privacy Protection Act (widely referred to...more
With the passing of the first major compliance deadline of the EU AI Act on February 2, 2025, EU regulators have officially banned certain high-risk AI applications. Companies that develop or deploy AI systems must now...more
On January 16, 2025, the Federal Trade Commission (FTC) published its Final Rule officially adopting updates to the Children’s Online Privacy Protection Act (COPPA). For a comprehensive overview of these changes, be sure to...more
Overview -
In 2024, lawsuits targeting companies for their use of commonly deployed digital tracking technologies, such as pixels, and session replay tools proliferated. Frequently used on apps and websites, tracking...more
Starting January 2025, five state privacy laws will take effect, providing consumer privacy rights to a new swath of individuals across the country. Delaware, Iowa, Nebraska, and New Hampshire’s laws will go into effect on...more
Companies frequently wish to record telephone conversations related to their operations, customers, or business transactions. In response, the U.S. Congress and most state legislatures have enacted statutes and regulations...more
On May 16, 2024, the Illinois Legislature passed Senate Bill 2979 (SB2979), clarifying how damages are calculated under the Illinois Biometric Information Privacy Act (BIPA). 740 ILCS 14/1, et seq. This amendment confirms...more
On July 1, 2024, three more U.S. state privacy regulations will take effect. While these laws align with many of the principles established by other state privacy laws, they also introduce unique compliance requirements...more
Class-action lawyers are adapting their legal tactics, moving away from suing companies under California's wiretap law and instead focusing on a new legal claim: the pen register theory....more
On December 20, 2023, the Federal Trade Commission (FTC) published a Notice of Proposed Rulemaking (Proposed Rule) seeking to update the Children’s Online Privacy Protection Act (COPPA), which would place new restrictions on...more
On December 19, 2023, Rite Aid Corporation (Rite Aid) agreed to settle Federal Trade Commission (FTC) charges that it failed to take reasonable measures to prevent harm to consumers from its use of facial recognition...more