Life With GDPR: Cookie Compliance
Universal Consent: Building Beyond Cookie Consent
Data Dividend: What is Personal Data Worth?
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
Fashion Counsel: Privacy in the Retail Fashion Industry
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
In an increasingly data-driven digital landscape, businesses are constantly seeking tools to better understand and optimize user experiences. One such tool is session replay—a powerful technology that allows organizations to...more
The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more
An increasingly aggressive plaintiffs’ bar has brought purported class action suits based on the nearly ubiquitous use of tracking technologies used for website analytics. Although any actual harm to the plaintiffs is...more
In recent weeks, the EU and UK have both introduced changes to their respective versions of Europe’s landmark privacy legislation, the General Data Protection Regulation (GDPR). These reforms mark the first substantial...more
In April of this year, the California Privacy Protection Agency imposed a $632,500.00 monetary penalty on American Honda Motor Co. In our discussion of that action - Are Cookies Banners Crumbling? – we raised the alarm for...more
The California attorney general’s (AG) July 1, 2025, proposed settlement with Healthline Media LLC (Healthline) marks the third cookie-related California Consumer Privacy Act (CCPA) settlement in as many months (alongside the...more
Websites are ubiquitous, and so are cookies and tracking pixels (a/k/a web beacons). A web browser uses cookies to store login details and preferences; the cookies also track and profile user behavior. When visiting a...more
A California bill aimed at curbing the explosion of lawsuits filed against businesses using common website tools like cookies, pixels, and session replay software has stalled out in the 2025 legislative session, meaning your...more
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
On June 19, 2025, the UK Data (Use and Access) Act 2025 was enacted, marking the culmination of a lengthy legislative process aimed at reshaping aspects of the country’s data protection regime. First proposed in 2021 as part...more
In a significant win for the defense, a California federal judge denied class certification in a California Invasion of Privacy Act (CIPA) suit alleging that AddShoppers and Peet’s Coffee unlawfully tracked website visitors...more
On June 19, 2025, the UK Data Use and Access Bill (DUA Bill) finally received Royal Assent and passed into law as the Data Use and Access Act 2025 (DUA Act). The DUA Act amends the UK General Data Protection Regulation (UK...more
After a legislative reform that has seen four different Prime Ministers, three different Bills and many deliberations across both Houses of Parliament, the UK is now on course to introduce some changes to the data protection...more
On 14 May 2025, the Brussels Court of Appeal (Market Court) delivered the long-awaited judgement in the case concerning the Transparency & Consent Framework (“TCF”) (case no. 2022/AR/292). The Court largely upheld the...more
It’s 2025, and somehow, we’re still dealing with lawsuits over a law that was born in the pen registers and rotary phones era. That law, the California Invasion of Privacy Act (CIPA), a decades-old statute that’s suddenly...more
Orrick's Founder Series offers monthly top tips for UK startups on key considerations at each stage of their lifecycle, from incorporating a company through to possible exit strategies. The Series is written by members of our...more
On May 19, 2025, the California Senate Appropriations Committee, which handles budgetary and financial matters, held a hearing on California Senate Bill 690 (SB 690). The proposed bill would amend the California Invasion of...more
Trends and areas of focus under U.S. state data protection laws emerge as U.S. states with data protection laws in place increase enforcement actions and coordination....more
California Senate Bill 690 (SB 690), introduced by Senator Anna Caballero, is continuing to proceed through the California state legislative process. The proposed bill would amend the California Invasion of Privacy Act (CIPA)...more
eDiscovery case law disputes are racing toward us! In our May 2025 monthly webinar of cases covered by the eDiscovery Today blog we will discuss disputes related to certification of production and discovery errors,...more
On April 24 2025, the French supervisory authority (CNIL) issued a draft recommendation to address challenges in collecting user consent for cookies and trackers across multiple devices (the Draft Recommendation). The new...more
On May 6, the California Privacy Protection Agency (CPPA) issued a decision requiring national clothing retailer Todd Snyder, Inc. to change its business practices and pay a $345,178 administrative fine....more
Every week, the Array team reviews the latest news and analysis about the evolving field of eDiscovery to bring you the topics and trends you need to know. This week’s post covers the period of April 27-May 3. Here’s what’s...more
Wild, wild, west? Web tracking may be the new frontier in class action litigation. With thousands of lawsuits filed in California and increasingly in other states against organizations, including many who may not realize the...more
In a landmark ruling, the Ninth Circuit expanded the application of specific personal jurisdiction principles to the realm of nationwide e-commerce. On April 21, 2025, an en banc panel issued a 10–1 decision ruling that...more