Video game developer Ubisoft, Inc. came out on top earlier this month in the Northern District of California when a judge dismissed, with prejudice, a class action claiming that the company’s use of third-party website pixels...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff—someone who visits websites to initiate litigation—cannot bring a claim under the California Invasion of Privacy Act (CIPA)....more
Yahoo’s ConnectID is a cookieless identity solution that allows advertisers and publishers to personalize, measure, and perform ad campaigns by leveraging first-party data and 1-to-1 consumer relationships. ConnectID uses...more
This week, the California Privacy Protection Agency (CPPA) board held its April meeting to discuss the latest set of proposed regulations, including automated decision-making technology (ADMT) regulations. Instead of...more
California Cryobank, LLC, the largest sperm bank in the country, faces a lawsuit in the U.S. District Court for the Central District of California over an April 2024 data breach. Cryobank provides frozen donor sperm and...more
The Pennsylvania State Education Association (PSEA) faces a class action resulting from a July 2024 data breach. The proposed class consists of current and former members of the union as well as PSEA employees and their...more
Last week, the California Privacy Protection Agency (CPPA) settled its first non-data broker enforcement action against American Honda Motor Co. for a $632,500 fine and the implementation of certain remedial actions....more
The California Privacy Protection Agency (CPPA) the agency responsible for implementing and enforcing the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) (collectively the CCPA), protecting...more
Edison Electric Institute (EEI), an association that represents all U.S. investor-owned electric companies, petitioned the Federal Communications Commission (FCC) to permit calls and texts under the Telephone Consumer...more
A federal district court has denied a motion by Johnson & Johnson Consumer Inc. (JJCI) to dismiss a second amended complaint alleging it violated the Illinois Biometric Information Privacy Act (BIPA) by collecting and storing...more
3/14/2025
/ Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Illinois ,
Johnson & Johnson ,
Mobile Apps ,
Prior Express Consent ,
State Privacy Laws ,
Statutory Violations
The California Privacy Protection Agency (CPPA) and Background Alert, Inc. (a California-based data broker) settled allegations that Background Alert failed to register and pay the annual fee required by the California Delete...more
3/7/2025
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Personal Data ,
Privacy Laws ,
State Privacy Laws
Beware of demand letters from plaintiffs’ attorneys for allegations of illegal use of pen registers, trap and trace pixels, and search bar pixels—why? This “trap and trace” litigation is a growing trend for plaintiffs’...more
2/28/2025
/ California ,
CIPA ,
Consent ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Demand Letter ,
Litigation Strategies ,
Privacy Laws ,
State Privacy Laws ,
Web Tracking ,
Wiretapping
Almost every business has a website; every website should have a privacy policy, terms of use, and, in some cases, a consumer privacy rights notice—if certain state consumer privacy rights laws apply to your business, such as...more
2/21/2025
/ California Consumer Privacy Act (CCPA) ,
Consent ,
Consumer Privacy Rights ,
Cookies ,
Data Collection ,
Data Privacy ,
Privacy Laws ,
Privacy Policy ,
State Privacy Laws ,
Web Tracking ,
Websites
Last week, a class action was filed against NewsBank, Inc., a Florida-based news database company, related to a 2024 breach of employee personal information.
NewsBank provides a database of archived news publications...more
2/21/2025
/ Class Action ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Employee Privacy Rights ,
Employee Rights ,
Identity Theft ,
Personal Data ,
Personal Information ,
Privacy Laws
Stemming from Colorado’s Concerning Consumer Protections in Interactions with Artificial Intelligence Systems Act (the Act), which will impose obligations on developers and deployers of artificial intelligence (AI), the...more
Ethical hackers identified an arbitrary account takeover flaw in the administrator portal for Subaru’s Starlink service, which could allow a threat actor to hijack a vehicle through a Subaru employee account. This...more
1/31/2025
/ Automotive Industry ,
Connected Cars ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Hackers ,
Manufacturers
The Oregon Department of Justice (DOJ) released a new toolkit sharing with Oregonians how to protect their online information to celebrate Data Privacy Day. The toolkit includes information on how consumers can exercise their...more
Singapore-based Chinese video game developer Cognosphere, dba HoYoverse, known for “Genshin Impact,” a role-playing game involving collectible characters with unique fighting skills, has agreed to pay $20 million to settle...more
On January 16, 2025, the Federal Trade Commission (FTC) issued a press release stating, “The updated [Children’s Online Privacy Protection Act (COPPA)] rule strengthens key protections for kids’ privacy online. By requiring...more
The California Attorney General published two legal advisories this week: Legal Advisory on the Application of Existing California Laws to Artificial Intelligence. Legal Advisory on the Application of Existing California Law...more
1/17/2025
/ Artificial Intelligence ,
California ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Consumer Protection Laws ,
Data Privacy ,
Data Protection ,
Healthcare ,
Popular ,
Privacy Laws
TikTok users are seeking alternate platforms to share and view content as the U.S. is set to ban the popular social media app on January 19, 2025. Instead of turning to U.S.-based companies like Facebook or Instagram, users...more
At the close of 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (the Proposed Rule) to amend the Security Rule regulations established...more
American Addiction Centers Inc. faces a class action in the Middle District of Tennessee for allegations that it violated the Health Insurance Portability and Accountability Act (HIPAA) by failing to protect patient data from...more
2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more
1/3/2025
/ Biometric Information ,
Class Action ,
Compliance ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
FCC ,
Fines ,
Personal Data ,
Ransomware ,
Regulatory Oversight ,
Settlement
Earlier this month, after the conclusion of the public comment period, the Colorado Department of Law adopted amendments to the Colorado Privacy Act (CPA), which grants rights to Colorado consumers concerning their personal...more
12/20/2024
/ Biometric Information ,
Colorado ,
Consumer Privacy Rights ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Right to Delete ,
State Privacy Laws