The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
It has been amply documented how the California Plaintiffs’ Bar has exploited the California Invasion of Privacy Act (“CIPA”)–explicitly designed during the Cold War to address telephonic wiretapping and eavesdropping—to...more
Introduction - In 2025, privacy and AI regulation have moved from the sidelines to the center of business risk and strategy. U.S. states are rapidly enacting a patchwork of privacy laws, with new AI laws emerging and...more
The rapid adoption of AI notetaking and transcription tools has transformed how organizations (and individuals) capture, analyze, and share meeting and other content. But as these technologies expand, so too do the legal and...more
In this week’s Film Room, we provide updates regarding: court decisions on eligibility rule challenges, a data privacy lawsuit filed against SeatGeek...more
When we speak to clients about online privacy issues, they almost always mention the CCPA – California’s Consumer Privacy Act that regulates the collection and use of personal data. But unless they have already faced a...more
In the wake of an explosion in digital privacy litigation, courts and legislatures are redrawing some of the boundaries of what qualifies as unlawful data collection under decades-old statutes. Claims brought under...more
A recent California federal jury verdict against Meta Platforms Inc. has sent a clear message to businesses: tracking technologies can pose serious legal and reputational risks if not deployed responsibly. ...more
Join CDF's Privacy and AI Practice Group Partners, Dan Forman, Dalia Khatib and Linda Wang, on August 20, 2025 at 10:00 AM (Pacific) for a timely discussion on how emerging AI regulations and privacy laws are reshaping...more
Readers of this blog are well aware of the proliferation of lawsuits alleging that websites which utilize Meta Pixel tracking software violate the California Invasion of Privacy Act (“CIPA”). These lawsuits typically allege...more
In late May, Judge James Donato of the U.S. District Court for the Northern District of California ruled on summary judgment motions filed by Meta and Flo Health Inc.—both defendants in the ongoing Frasco v. Flo Health, Inc....more
As an attorney focused on technology transactions and counseling, I approach new technologies with both curiosity and caution. Like many lawyers, I tend to be skeptical until I fully understand how something works....more
Like a zombie apocalypse, hordes of California Invasion of Privacy Act (“CIPA”) claims have chased corporate defendants to court where they were held off for a time, until, clawing at the courthouse doors, CIPA claims broke...more
If your company uses a third-party tool to power your website chat function or AI-assisted customer service, the 9th Circuit Court of Appeals just delivered a ruling you should know about. On July 9, the court affirmed...more
Welcome to the Summer of Privacy! As we hit the middle of 2025, California is once again the focus of our attention, as both its legislators and regulators are attempting to square privacy protections with developing...more
Readers of this blog may recall a piece in which we discussed an unfavorable Ninth Circuit California Invasion of Privacy Act (“CIPA”) internet wiretapping decision. Interestingly, the Ninth Circuit recently weighed in again...more
The Northern District of California recently dismissed, with prejudice, a purported class action against Royal Caribbean Cruises Ltd. (Royal Caribbean), alleging a violation of the California Invasion of Privacy Act (CIPA)...more
Websites are ubiquitous, and so are cookies and tracking pixels (a/k/a web beacons). A web browser uses cookies to store login details and preferences; the cookies also track and profile user behavior. When visiting a...more
The Ninth Circuit recently issued two back-to-back memoranda of dispositions addressing claims under the California Invasion of Privacy Act (“CIPA”) Section 631 and the common law tort of intrusion upon seclusion. First, on...more
In a significant win for the defense, a California federal judge denied class certification in a California Invasion of Privacy Act (CIPA) suit alleging that AddShoppers and Peet’s Coffee unlawfully tracked website visitors...more
On June 6, 2025, the United States District Court for the Northern District of California dismissed a number of claims being brought against Google related to its alleged improper collection of health-related data though...more
Readers of this blog are aware of the barrage of California Invasion of Privacy (“CIPA”) claims brought against online companies. Recently, an unfavorable decision from the Ninth Circuit Court of Appeals (“Ninth Circuit”)...more
The U.S. Court of Appeals for the Ninth Circuit has issued a pivotal ruling that is likely to reshape privacy litigation for e-commerce platforms. In Briskin v. Shopify, Inc., the Court held that Shopify, despite being...more
In a significant decision for privacy class action litigation, a federal judge in California recently denied the certification of a proposed class action involving claims under the state’s invasion of privacy law. The May 29...more
It’s 2025, and somehow, we’re still dealing with lawsuits over a law that was born in the pen registers and rotary phones era. That law, the California Invasion of Privacy Act (CIPA), a decades-old statute that’s suddenly...more
On June 3, 2025, the California Senate unanimously passed Senate Bill 690 (SB 690), a bill that seeks to add a “commercial business purposes” exception to the California Invasion of Privacy Act (CIPA)....more