Category Archives: Privacy

Subscribe to Privacy RSS Feed

The Supreme Court Reenters the Fray on Privacy

On June 5, the Supreme Court agreed to review a case addressing an individual’s expectation of privacy in his or her historical cellphone location records. This case may well change the way we approach individual privacy in the digital age – not only with regard to cell phone records, but also information relating to email … Continue Reading

FTC / DAA Extend Data Privacy Focus to Cross-Device Tracking

Enforcement of the Digital Advertising Alliance “Application of the Principles of Transparency and Control to Data Used Across Devices” (DAA Cross-Device Principles) officially began on February 1, just a week after the FTC issued a staff report discussing the application of the FTC Online Behavioral Advertising Principles in the context of “Cross Device Tracking” and … Continue Reading

What You Really Need To Know About The GDPR

Much has been written about the challenges and issues that companies will face when implementing new policies and adjusting to the obligations of the new European General Data Protection Regulation, GDPR in short. The following paragraphs will give you the gist of the new Regulation and the essential elements that you must take into consideration … Continue Reading

Don’t Lose Your DMCA Safe Harbor Protection!

The U.S. Copyright Office’s new electronic system for copyright-agent registration and maintenance goes into effect on December 1, 2016, and with it comes new rules. Beginning December 1, all online service providers must submit new designated-agent information to the Copyright Office through the online registration system. Electronic designations should be filed on December 1, 2016, … Continue Reading

FCC Issues New Privacy Rules for Internet Service Providers: Safeguarding Consumers or Lulling Them Into A False Sense of Privacy?

Last Thursday, in a vote split along party lines, the Federal Communications Commission (“FCC”) approved a new regulatory regime staking its claim to privacy regulation of both fixed and mobile Internet service providers (“ISPs”) like Comcast, Verizon, and AT&T.  The FCC’s rules follow its decision in the Open Internet Order, released last year and analyzed … Continue Reading

Update on Data Breach and Data Privacy Class Actions Post-Spokeo

In May, the U.S. Supreme Court issued its opinion in Spokeo v. Robins, providing guidance on the “injury-in-fact” aspect of the constitutional standing requirement for putative class action plaintiffs.  136 S. Ct. 1540 (2016), as revised (May 24, 2016).  Spokeo was quickly hailed by both plaintiff- and defense-side lawyers as a major victory, but in … Continue Reading

Six Things You Need to Know Before Collecting Biometric Information

1. Illinois and Texas recently enacted laws regulating the collection and use of biometric information (e., information based on an individual’s biometric identifiers, such as iris scans, fingerprints, voiceprints, or facial geometry) and a number of other states, including New York and California, are considering adopting such statutes. The Illinois Biometric Information Privacy Act (“BIPA”) … Continue Reading

Let’s Go Crazy: The FTC and FCC Launch “Parallel” Investigations Into Security Updates of Mobile Communications Industry

Earlier this week, the FTC and FCC announced “parallel” investigations into how carriers and mobile device makers release information on vulnerabilities, and how and when mobile security patches are distributed. The regulators, who have publicly jockeyed for position on privacy and cybersecurity matters in the past year, appear to have reached a truce of sorts, … Continue Reading

NTIA Issues Request for Comments on Policies Related to Cyber Threats Surrounding Internet of Things

On April 6, 2016, National Telecommunications and Information Administration (NTIA) issued a federal notice to request public comment on the benefits, challenges, and potential roles for the government in fostering the advancement of the Internet of Things (IoT).  (RFC at http://www.ntia.doc.gov/files/ntia/publications/fr_rfc_iot_04062016.pdf). Comments are due on May 23, 2016.… Continue Reading

Mooting Class Actions by Offer of Judgment – Episode 2: The Ninth Circuit Strikes Back

In Campbell-Ewald v. Gomez, 136 S. Ct. 663 (Jan. 20, 2016), the Supreme Court resolved a split among courts and held that an unaccepted settlement offer of complete individual relief does not moot the plaintiff’s lawsuit.  However, the Court expressly left open the question of “whether the result would be different if a defendant deposits … Continue Reading

Mooting Plaintiff’s Class Action Even After Plaintiff Refuses An Offer Of Judgment

For years, litigants have battled over whether a defendant’s offer of judgment, which completely satisfies the plaintiff’s individual claim, can moot a class action. In Campbell-Ewald v. Gomez, 136 S. Ct. 663 (2016), the U.S. Supreme Court recently held that no case is mooted when a plaintiff refuses to accept an offer of judgment.  The … Continue Reading

To Share or Not to Share (with the Government)? That is the Question: DHS Announces Interim Guidelines for Sharing Cyber Threat Indicators

On February 16, 2016, Secretary of Homeland Security Jeh Johnson announced interim guidelines and procedures for sharing cyber threat indicators under the Cybersecurity Information Sharing Act of 2015 (“CISA”). Because the guidelines are voluntary, the next question is, Should your company share information with the Government?… Continue Reading

EU-US Privacy Shield: Still Awaiting Certainty

The European Perspective Privacy activists across Europe raised their data protection banner following the announcement by EU Commissioner for Justice, Consumers and Gender Equality Věra Jourová on Tuesday 2 February 2016 that a political agreement had been reached between the EU and the US on a new framework for handling transatlantic data flows. This does … Continue Reading

Tag, You’re It: Biometric Information Privacy Act Class Action Against Shutterfly Moves Past 12(b)(6)

Over the last six months, at least four putative class actions have been filed under the Biometric Information Privacy Act (“BIPA”)—an obscure Illinois statute passed about seven years ago to regulate the collection and use of consumers’ biometric information.  In relevant part, the BIPA requires entities in possession of biometric information (i.e., retina scans, fingerprints, … Continue Reading

Not Taking “Yes” For An Answer: U.S. Supreme Court Rules That Unaccepted Offer Of Complete Individual Relief Does Not Moot Plaintiff’s Individual Or Class Action Claim

On January 20, 2016, in a highly anticipated decision (see October 27, 2015 blog) that will have implications for class action practice nationwide, the U.S. Supreme Court ruled that an unaccepted offer of judgment sufficient to completely satisfy an individual claim does not moot that claim or any class claim. The Supreme Court’s decision partially … Continue Reading

Beacons at Retail – So What?

Beacons have been around for years in online and mobile media channels, but they now seem poised to dramatically impact brick-and-mortar businesses. A growing list of major companies are currently vying to bring Bluetooth-enabled beacon hardware and/or software to brick-and-mortar businesses and the customers they serve.… Continue Reading

Another Blow to Call Recording Class Actions

Back in February, the California Court of Appeal in Hataishi v. First American Home Buyers Protection Corp., 223 Cal. App. 4th 1454 (Feb. 21, 2014), dealt a significant blow to call recording class actions across California.  The Court held that plaintiffs asserting claims under California Penal Code section 632 (“Section 632”) had to establish that … Continue Reading

Russian Parliament Moving To Advance Commencement Date On Data Protection And Information Legislation

In July 2014, the Russian President signed data protection and information legislation that requires all “data operators” who are processing personal data of Russian citizens, including over the Internet, to do so from servers/databases within Russia.  While the original law provided for a September 1, 2016 commencement date, new legislation is moving through the Russian … Continue Reading

California To Expand Its Data Breach Notification Rules

California has broadened its data breach notification statutes in response to the increasing number of large data breaches of customer information.  AB 1710, which Governor Jerry Brown signed into law, amends California’s Data Breach Notification Law to (1) ban the sale, advertising for sale or offering for sale of social security numbers, (2) extend the … Continue Reading

Products or Services That Cannot Be Sold To California Minors Cannot Be Advertised To Them Online, Either

California Governor Jerry Brown recently signed into law S.B. 568, the first bill of its kind in the nation. S.B. 568 enacts two new statutes under the title “Privacy Rights for California Minors in the Digital World.” The first, Business and Professions Code section 22580, prohibits advertising certain products to minors online. The second, Business … Continue Reading

California Enacts New Data Privacy Laws

As part of a flurry of new privacy legislation, California Governor Jerry Brown signed two new data privacy bills into law on September 27, 2013: S.B. 46 amending California’s data security breach notification law and A.B. 370 regarding disclosure of “do not track” and other tracking practices in online privacy policies. Both laws will come … Continue Reading
LexBlog