Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
In this post: (1) Website tracking litigation risk remains as SB 690 is designated “two-year bill”; (2) Second Circuit reinforces narrower interpretation of PII to “shut the door for Pixel-based VPPA claims”; (3) Courts...more
The Northern District of California recently dismissed, with prejudice, a purported class action against Royal Caribbean Cruises Ltd. (Royal Caribbean), alleging a violation of the California Invasion of Privacy Act (CIPA)...more
When a court begins its order denying class certification by lamenting the “failure to properly vet named plaintiffs” and “seeming unwillingness to promptly address issues that arise during litigation with named plaintiffs”...more
In a significant decision for privacy class action litigation, a federal judge in California recently denied the certification of a proposed class action involving claims under the state’s invasion of privacy law. The May 29...more
Over the last several years, California appellate courts have begun to align the threshold standing analysis under California law with the federal Article III standing requirements, presenting an emergingly viable...more
On January 31, 2025, in Campos v. TJX Companies, Inc., No. 24-cv-11067, the District of Massachusetts granted a motion to dismiss a class action due to the plaintiff’s lack of standing. The court concluded that the named...more
In a prior alert, we predicted an uptick in class action complaints brought under the California Invasion of Privacy Act (CIPA) alleging that modern website analytical tools such as pixels, cookies and session replay software...more
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
If you are “tester” who actively seeks out privacy violations and files lawsuits to ensure legal compliance (as many class action lawsuit plaintiffs are), you do NOT have Article III standing to sue, according to a recent...more
In data breach litigation, courts generally find plaintiffs have standing such that their complaints may proceed past the pleading stage when it is alleged that sensitive information was impacted and there is an allegation of...more
The growing prevalence of data breaches has led to an uptick in class action litigation based on consumers' personal information allegedly being accessed. A common theme emerging in these lawsuits is plaintiffs claiming that...more
On February 10, 2025, the first class action complaint was filed pursuant to Washington’s MY Health MY Data Act (“MHMDA”), Wash. Rev. Code Ann. § 19.373.005 et seq. See Maxwell v. Amazon.com, Inc. et al., Case No. 2:25-cv-261...more
On Jan. 24, the Illinois Supreme Court, in Petta v. Christie Business Holdings Company, PC, affirmed the dismissal of a putative class action following an alleged data breach because the named plaintiff failed to allege any...more
Data breaches have become a serious issue for businesses, leading to numerous putative class action lawsuits alleging that the defendants failed to prevent the unauthorized disclosure of personally identifiable information or...more
There has been a recent surge of privacy class action lawsuits under the Arizona Telephone, Utility, and Communication Service Records Act targeting the use of common email marketing analytics technologies. Defendants are...more
Courts and class action counsel have been considering what kinds of injuries can confer standing to pursue federal claims following the Supreme Court’s 2021 decision in TransUnion LLC v. Ramirez, which held that the...more
On June 25, 2021, the Supreme Court issued an important decision on Article III standing in class actions that will have a significant impact on the way class actions are certified - and will likely scuttle numerous ...more
As we face mounting data breaches and fears over loss of privacy, the article notes that, “as the public opinion evolves and increasingly concludes that merely possessing private data puts consumers at risk, consumers may...more
The Illinois Supreme Court ruled that an Illinois biometric privacy law does not require individuals to show they suffered harm other than a violation of the law in order to bring suit. As a result, entities are at a greater...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
This week, in Meyers v. Nicolet Rest. of de Pere, LLC, No. 16-2075 (7th Cir. Dec. 13, 2016), the Seventh Circuit narrowed standing to bring lawsuits under the Fair and Accurate Credit Transactions Act (FACTA) in holding that...more
On the May morning that the Supreme Court handed down its ruling in Spokeo, Inc. v. Robins, I was among those who read the case as a bellwether. The Spokeo appeal addressed a long-festering issue about whether Congress may...more
In this edition of our Privacy & Cybersecurity Update, we highlight guidance issued by the Irish data protection authority regarding the use of location data, as well as the FTC's request for comment on its Standards for...more
Law360, New York (July 1, 2016, 12:12 PM ET) -- The U.S. Supreme Court made a big splash this year establishing a murky threshold for standing that has already been widely cited by both sides of the bar, while consumers...more
In this edition of our Privacy & Cybersecurity Update, we examine the impact of Brexit on EU data protection, court rulings on cyber insurance policy exclusions and coverage gaps, recent statements from the FTC and the...more