Privacy Counsel

In a putative class action filed on June 28, 2023, in the Northern District of California, and in other similar cases, plaintiffs allege that OpenAI, Microsoft, and their respective affiliates violated the privacy rights of millions of internet users through large-scale data scraping.

In the closely-watched first case to go to trial under the Illinois Biometric Information Privacy Act (BIPA), a federal judge has now vacated a $228 million award of statutory liquidated damages. The judge concluded that damages under BIPA are discretionary and ordered a new trial on damages.

Companies around the world are rushing to integrate generative artificial intelligence (GenAI) into their user interfaces to automate and deliver tailored website and application interfaces, customer service interactions, and advertising content to individual users in more personalized ways than eve

In the United States, the principle of data minimization is embedded firmly within the Federal Trade Commission (FTC) Act, through FTC enforcement activities, and in the host of state-level privacy laws and rules that have proliferated in recent years.

Data protection assessments are required for high-risk processing activities in a rapidly growing set of federal, state, and international comprehensive privacy laws.

Pixels are the new cookies. Here we go again. The Federal Trade Commission is continuing its assault on trackers with its latest enforcement actions against GoodRx Inc. and BetterHelp Inc.

Headlines that Matter for Privacy and Data Security.

A split Illinois Supreme Court issued on Friday another long-awaited decision interpreting the Illinois Biometric Information Privacy Act (BIPA), holding that a separate BIPA violation occurs with each undisclosed and unconsented-to scan or transmission of an individual’s biometric identifier.

In recent months, there has been a surge of class actions brought under the Illinois Biometric Information Privacy Act (BIPA) against retailers using virtual “try-on” features on their websites.

In a long-awaited development, on February 2, 2023, the Illinois Supreme Court held that all claims under the Illinois Biometric Information Privacy Act (BIPA) are subject to a five-year statute of limitations. 

The newest old privacy law being weaponized in consumer class actions is the Video Privacy Protection Act (VPPA), a Reagan- era law passed in the wake of Judge Robert Bork’s video rental history being leaked to the press.  

Five new state omnibus privacy laws take effect in 2023, with two that already kicked in on January 1.

Headlines that Matter for Privacy and Data Security.

Illinois Biometric Information Privacy Act (BIPA) class action lawsuits were heavily litigated again in 2022, as plaintiffs continued to target companies using biometric technology and their vendors. At the same time, avoiding liability continued to be a challenge for businesses defending BIPA cases

Headlines that Matter for Privacy and Data Security.

Headlines that Matter for Privacy and Data Security.

Businesses defending class actions under the Illinois Biometric Information Privacy Act (BIPA) have struggled to defeat claims in recent years, as courts have rejected a succession of defenses.

Headlines that Matter for Privacy and Data Security.

According to a recent unpublished Ninth Circuit ruling, obtaining consent prior to using recording technologies is required for purposes of the California Invasion of Privacy Act (CIPA). This ruling is notable for website operators as it signals obtaining targeted consent.

Headlines that Matter for Privacy and Data Security.

Five new state omnibus privacy laws have been passed and will go into effect in 2023. 
Organizations should review their privacy practices and prepare for compliance with these new privacy laws.

The Federal Trade Commission (FTC) recently cracked down on Lithionics Battery, LLC, and Lions Not Sheep Products, LLC, for violating the FTC’s Made in USA Labeling Rule. These are some of the first enforcement actions after the FTC codified its longstanding informal Made in USA guidance.

Headlines that Matter for Privacy and Data Security.

As more states enact their own privacy laws, members of the privacy community and those impacted by privacy legislation continue to push for uniformity. The American Data Privacy and Protection Act (ADPPA) addresses this growing concern by drafting a uniform national data privacy framework.

The California Privacy Protection Agency (CPPA) published California Privacy Rights Act (CPRA) proposed regulations (Regulations) on May 27, 2022. The Regulations provide helpful insight into the CPPA’s vision for the CPRA and help to better prepare businesses.