The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Welcome to the Summer of Privacy! As we hit the middle of 2025, California is once again the focus of our attention, as both its legislators and regulators are attempting to square privacy protections with developing...more
A California bill aimed at curbing the explosion of lawsuits filed against businesses using common website tools like cookies, pixels, and session replay software has stalled out in the 2025 legislative session, meaning your...more
On July 1, 2025, a hearing was held in the California Assembly Committee on Public Safety concerning Senate Bill 690, which aims to stem the tide of lawsuits targeting routine website analytics and marketing tools by amending...more
The Ninth Circuit heard oral arguments on June 10, 2025, in three closely watched appeals—Gutierrez v. Converse Inc., Mikulsky v. Bloomingdale’s, LLC, and Thomas v. Papa John’s International, Inc.—that could shape the future...more
The Ninth Circuit court of appeals reviewed three separate proposed class actions against Papa John’s International Inc., Converse Inc., and Bloomingdale’s, all centered on whether certain website tracking activities violated...more
Readers of this blog are aware of the barrage of California Invasion of Privacy (“CIPA”) claims brought against online companies. Recently, an unfavorable decision from the Ninth Circuit Court of Appeals (“Ninth Circuit”)...more
In Mikulsky v. Bloomingdale’s (June 2025), the U.S. Court of Appeals for the Ninth Circuit reversed the dismissal of a California Invasion of Privacy Act (CIPA) class action, holding that the plaintiff sufficiently alleged...more
On June 3, 2025, the California Senate unanimously passed Senate Bill 690 (SB 690) in a 35-0 vote, a strong show of support for reining in a flood of lawsuits that have taken many companies by surprise over the last few...more
A new lawsuit just filed against an AI software provider offers a clear warning for any business using artificial intelligence to monitor or record customer service calls. On June 13, a California plaintiff filed a federal...more
A national leader in privacy law, California was among the first states to include an express right to privacy in its constitution, create a data breach notification law, and codify robust consumer data protections. ...more
It’s 2025, and somehow, we’re still dealing with lawsuits over a law that was born in the pen registers and rotary phones era. That law, the California Invasion of Privacy Act (CIPA), a decades-old statute that’s suddenly...more
On June 3, 2025, the California Senate passed Senate Bill 690 ("SB 690") in a unanimous 35-0 vote, advancing a measure that would significantly limit lawsuits under the California Invasion of Privacy Act ("CIPA") against...more
On June 3, 2025, the California Senate unanimously passed Senate Bill 690 (SB 690), a bill that seeks to add a “commercial business purposes” exception to the California Invasion of Privacy Act (CIPA)....more
Readers may recall prior pieces in which we discussed a pair of law firms responsible for bringing California Invasion of Privacy Act (“CIPA”) arbitration demands against online businesses. These CIPA arbitration demands...more
On May 19, 2025, the California Senate Appropriations Committee, which handles budgetary and financial matters, held a hearing on California Senate Bill 690 (SB 690). The proposed bill would amend the California Invasion of...more
Online businesses are increasingly facing a wave of arbitration demands under the California Invasion of Privacy Act (“CIPA”) and similar laws. Enterprising law firms have been at the forefront of this trend, filing claims on...more
California Senate Bill 690 (SB 690), introduced by Senator Anna Caballero, is continuing to proceed through the California state legislative process. The proposed bill would amend the California Invasion of Privacy Act (CIPA)...more
There is never a boring moment in California privacy law, and these past weeks have been no exception. From major modifications to proposed California Consumer Protection Act (CCPA) rulemaking on automated decision-making...more
On April 29, 2025, the Senate Public Safety Committee voted 6-0 to advance legislation that would exempt processing of personal information for a commercial business purpose from coverage by the California Invasion of Privacy...more
Companies doing business in California continue to face a surge in privacy-related complaints and lawsuits under the California Invasion of Privacy Act (CIPA), a 1960s-era law designed to prevent unlawful telephone...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff – someone who visits websites for purposes of initiating litigation – cannot bring a claim under the California Invasion of Privacy...more
As the privacy litigation landscape continues to take shape, search bars have quietly become a Trojan horse in online data collection, carrying new legal theories into the California Invasion of Privacy Act (CIPA) arena. The...more
Readers of this blog know about the never-ending barrage of consumer privacy litigation commenced against online companies in connection with their collection of consumer data. Several of these cases have recently been filed...more
Recent months have seen a dramatic increase in demand letters and litigation targeting websites and mobile apps. These claims often allege privacy violations stemming from the use of various technologies such as chat bots,...more
Keypoint: In this post: (1) How a privacy policy can defeat a plaintiff’s “delayed discovery” argument; (2) Two CA state courts reject plaintiffs’ allegations concerning personal jurisdiction; (3) Three courts dismiss PR/TT...more