Life With GDPR: Cookie Compliance
Universal Consent: Building Beyond Cookie Consent
Data Dividend: What is Personal Data Worth?
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
Fashion Counsel: Privacy in the Retail Fashion Industry
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
In announcing a joint investigation into the implementation of Global Privacy Controls (GPC) earlier this week, the California Privacy Protection Agency (CPPA) and attorneys general from California, Colorado and Connecticut...more
Here are the top ten items you should tackle in September, based on the latest workplace law developments and upcoming critical compliance dates...more
The UK Information Commissioner’s Office has launched two consultations as part of the transition to the Data User and Access Act framework. These consultations will be of particular interest to organisations operating...more
Website operators secured another win in the protracted battle over third-party website cookies last week when a California state court held that these common tech features were not “trap and trace” devices and therefore a...more
In December 2024, Jonathan Gabrielli filed several claims alleging that Motorola Mobility LLC (Motorola) misrepresented its data usage policy and shared his personal data with third parties, including Google, Amazon, and...more
Like a zombie apocalypse, hordes of California Invasion of Privacy Act (“CIPA”) claims have chased corporate defendants to court where they were held off for a time, until, clawing at the courthouse doors, CIPA claims broke...more
In April of this year, the California Privacy Protection Agency imposed a $632,500.00 monetary penalty on American Honda Motor Co. In our discussion of that action - Are Cookies Banners Crumbling? – we raised the alarm for...more
Websites are ubiquitous, and so are cookies and tracking pixels (a/k/a web beacons). A web browser uses cookies to store login details and preferences; the cookies also track and profile user behavior. When visiting a...more
A California bill aimed at curbing the explosion of lawsuits filed against businesses using common website tools like cookies, pixels, and session replay software has stalled out in the 2025 legislative session, meaning your...more
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
In a significant win for the defense, a California federal judge denied class certification in a California Invasion of Privacy Act (CIPA) suit alleging that AddShoppers and Peet’s Coffee unlawfully tracked website visitors...more
It’s 2025, and somehow, we’re still dealing with lawsuits over a law that was born in the pen registers and rotary phones era. That law, the California Invasion of Privacy Act (CIPA), a decades-old statute that’s suddenly...more
Orrick's Founder Series offers monthly top tips for UK startups on key considerations at each stage of their lifecycle, from incorporating a company through to possible exit strategies. The Series is written by members of our...more
Businesses just received some good news when a federal court dismissed a California Invasion of Privacy Act (CIPA) claim that aimed to expand the reach of the state’s wiretapping law to cover internet communications. The...more
Video game developer Ubisoft, Inc. came out on top earlier this month in the Northern District of California when a judge dismissed, with prejudice, a class action claiming that the company’s use of third-party website pixels...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff – someone who visits websites for purposes of initiating litigation – cannot bring a claim under the California Invasion of Privacy...more
In late March, an online retailer successfully asserted consent as a complete defense to a putative Pennsylvania Wiretapping and Electronic Surveillance Control Act of 1978 (WESCA) class action lawsuit, resulting in the...more
Recent months have seen a dramatic increase in demand letters and litigation targeting websites and mobile apps. These claims often allege privacy violations stemming from the use of various technologies such as chat bots,...more
An oft-discussed topic on this blog is the rise in lawsuits asserting illegal wiretapping claims against companies that use technology on their websites to track consumer interactions. Recently, a Pennsylvania federal judge...more
Almost every business has a website; every website should have a privacy policy, terms of use, and, in some cases, a consumer privacy rights notice—if certain state consumer privacy rights laws apply to your business, such as...more
Two recent court decisions have provided businesses with long-awaited clarity on the reach of the California Invasion of Privacy Act (CIPA) – and could begin to redefine digital privacy litigation for the better. Two separate...more
Following our recent client alert, learn more about enforcement targeting website tracking technologies and the impact on organizations in 2025. Elliot Golding and David Saunders share further insights from working with...more
In what appears to be a first-of-its-kind decision, a California federal court just granted class certification in a wiretapping claim brought against a website operator that used third-party technology to track users’...more
Countless hours are being spent categorizing cookies and other tracking technologies to work with consent management platforms, part of a purpose-built industry aiming to help companies deal with the increasingly complex and...more
Many people are thinking of holiday cookies at this time of year, but your favorite privacy lawyers are still thinking more about the non-delicious kind: those enabling common features on websites and online services. That’s...more