Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
In this post: (1) Website tracking litigation risk remains as SB 690 is designated “two-year bill”; (2) Second Circuit reinforces narrower interpretation of PII to “shut the door for Pixel-based VPPA claims”; (3) Courts...more
The Northern District of California recently dismissed, with prejudice, a purported class action against Royal Caribbean Cruises Ltd. (Royal Caribbean), alleging a violation of the California Invasion of Privacy Act (CIPA)...more
When a court begins its order denying class certification by lamenting the “failure to properly vet named plaintiffs” and “seeming unwillingness to promptly address issues that arise during litigation with named plaintiffs”...more
In a significant decision for privacy class action litigation, a federal judge in California recently denied the certification of a proposed class action involving claims under the state’s invasion of privacy law. The May 29...more
Over the last several years, California appellate courts have begun to align the threshold standing analysis under California law with the federal Article III standing requirements, presenting an emergingly viable...more
On January 31, 2025, in Campos v. TJX Companies, Inc., No. 24-cv-11067, the District of Massachusetts granted a motion to dismiss a class action due to the plaintiff’s lack of standing. The court concluded that the named...more
Federal Trade Commission Protects Worship Location Data Shannon Britton Hartsfield and Bess Hinson-Greenspan Recent Federal Trade Commission (FTC) enforcement activity signals that companies need to protect consumer location...more
In a prior alert, we predicted an uptick in class action complaints brought under the California Invasion of Privacy Act (CIPA) alleging that modern website analytical tools such as pixels, cookies and session replay software...more
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
If you are “tester” who actively seeks out privacy violations and files lawsuits to ensure legal compliance (as many class action lawsuit plaintiffs are), you do NOT have Article III standing to sue, according to a recent...more
In data breach litigation, courts generally find plaintiffs have standing such that their complaints may proceed past the pleading stage when it is alleged that sensitive information was impacted and there is an allegation of...more
The growing prevalence of data breaches has led to an uptick in class action litigation based on consumers' personal information allegedly being accessed. A common theme emerging in these lawsuits is plaintiffs claiming that...more
On February 10, 2025, the first class action complaint was filed pursuant to Washington’s MY Health MY Data Act (“MHMDA”), Wash. Rev. Code Ann. § 19.373.005 et seq. See Maxwell v. Amazon.com, Inc. et al., Case No. 2:25-cv-261...more
On February 18, 2025, US District Judge Edgardo Ramos of the United States District Court of the Southern District of New York granted the defendant’s motion to dismiss against a plaintiff bringing claims under California...more
On Jan. 24, the Illinois Supreme Court, in Petta v. Christie Business Holdings Company, PC, affirmed the dismissal of a putative class action following an alleged data breach because the named plaintiff failed to allege any...more
The New Jersey privacy statute – “Daniel’s Law” – has been in full effect for only a little more than a year now, but New Jersey courts have already been inundated with a wave of lawsuits. In February 2024 alone, more than...more
Data breaches have become a serious issue for businesses, leading to numerous putative class action lawsuits alleging that the defendants failed to prevent the unauthorized disclosure of personally identifiable information or...more
There has been a recent surge of privacy class action lawsuits under the Arizona Telephone, Utility, and Communication Service Records Act targeting the use of common email marketing analytics technologies. Defendants are...more
Courts and class action counsel have been considering what kinds of injuries can confer standing to pursue federal claims following the Supreme Court’s 2021 decision in TransUnion LLC v. Ramirez, which held that the...more
A number of federal privacy laws provide private rights of action, allowing individuals (or class actions) to bring claims alleging violations of certain privacy laws. Some examples of these statutes include the Video Privacy...more
On June 25, 2021, the Supreme Court issued an important decision on Article III standing in class actions that will have a significant impact on the way class actions are certified - and will likely scuttle numerous ...more
Since the Supreme Court’s decision in Spokeo, Inc. v. Robins, 136 S. Ct. 1540 (2016), courts have grappled with what constitutes a sufficient injury in fact to satisfy Article III standing requirements. Predominant Issues...more
THE SUPREME COURT CONFIRMED THAT RUSSIAN USERS MAY FILE A LAWSUIT AGAINST AN AMERICAN SOCIAL NETWORK TO A RUSSIAN COURT - The Supreme Court of the Russian Federation reviewed a case initiated by a number of Internet users...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the Seventh Circuit's ruling finding standing for an Illinois Biometric Information Privacy Act claim, the European Data Protection Board's updated...more
In this month's edition, we examine the California attorney general's proposed modified regulations under the CCPA, the Treasury Department's new CFIUS regulations, and the SEC Office of Compliance Inspections and...more