Archives: Privacy Litigation

Subscribe to Privacy Litigation RSS Feed

GDPR Spurring Legal Reforms in South America With New Legislation in Brazil

As organizations continue to grapple with the requirements of the EU General Data Protection Regulation (GDPR) even months after its effective date, one thing is clear: The impact of the regulation extends far beyond an organization’s European operations. The global effects of the GDPR are even more apparent when one surveys new and proposed data … Continue Reading

Is a New Federal Data Privacy Law on the Horizon? The Tech Industry Sure Hopes So

Despite several failed attempts in recent years, there is a new effort underway to enact a federal data privacy law, and it’s being led by a somewhat unlikely source – the tech industry. Although they were resistant to a federal privacy law in the past, powerful tech industry players now appear to be publicly embracing … Continue Reading

Not Too Early to Start to Prepare for New California Privacy Law

In late June, the California legislature signed into law Assembly Bill 375 (AB 375) as the California Consumer Privacy Act of 2018 (CCPA), a privacy law, unprecedented in the U.S., that grants California residents a broad range of European-like rights when it comes to their personal information (PI), effective Jan. 1, 2020. To be able … Continue Reading

Privacy Advocates See Victory as Supreme Court Extends Fourth Amendment Protections to Historical Cellphone Location Information

On June 22, the Supreme Court issued its highly anticipated decision addressing privacy in the digital age, holding that the government generally must obtain a search warrant supported by probable cause to search a target’s historical cell site location information (CSLI), which can provide a detailed record of an individual’s whereabouts. In siding with the … Continue Reading

SAMHSA Updates Privacy Regulations to Reflect Advancements in Healthcare

On Jan. 3, 2018, the Substance Abuse and Mental Health Services Administration (SAMHSA) issued its final rule regarding the Confidentiality of Substance Use Disorder Patient Records Part 2. These changes become effective Feb. 2, 2018. As background, the Confidentiality of Substance Use Discover Patient Records Part 2 protects patient records maintained in connection with any … Continue Reading

Deeper Dive: Clapper Divide Expands In Data Breach Cases

As reported in our 2017 Data Security Incident Response Report, plaintiffs allege potential future harm as a basis for injury in 80 percent of data breach lawsuits. But are allegations of future harm sufficient to meet Article III’s cases-and-controversies requirement, specifically with regard to the injury-in-fact element of standing? Despite the prevalence of these allegations, … Continue Reading

Washington State Passes Legislation Governing the Use of Biometric Information

Effective July 23, 2017, Washington will join Illinois and Texas as the third U.S. state to impose statutory restrictions on how businesses collect, use, disclose and retain biometric information. House Bill 1493 applies to entities that “enroll a biometric identifier in a database for a commercial purpose” and includes requirements to provide notice to individuals … Continue Reading

Court of Appeals Upholds FCC’s Net Neutrality Rules and Regulatory Authority

On June 14, 2016, the D.C. Court of Appeals ruled 2-1 in favor of the Federal Communication Commission’s (FCC) net neutrality rules, which the commission approved on February 26, 2015 (published March 12, 2015). This reclassified broadband internet access service (BIAS) as a telecommunications service under Title II of the Communications Act, affording the FCC … Continue Reading

Social Media’s Not For You—It’s About You: Risks for Organizations in a New Age of Sharing

Social media and social networking, including websites and applications that allow users to create and share content, have become ubiquitous. Joining the social networking revolution may be very easy for individuals, but establishing best practices for organizations that want or need to be actively engaged with social media is not. Initial considerations tend to focus … Continue Reading

Bring Your Own Device (Everywhere): Legal and Practical Considerations for International BYOD Programs

The cross-use of mobile devices for personal and professional purposes, commonly referred to as “Bring Your Own Device” or “BYOD”, is a relatively recent phenomenon that has created a host of legal and practical challenges for organizations of all sizes. Implementing a BYOD program is especially complex for companies that have employees who regularly travel … Continue Reading

Once Again, Clapper Defeats Data Breach Class Action

Article III standing has once again proved to be an insurmountable hurdle for data breach class action plaintiffs whose personal information hasn’t been misused.  In Galaria v. Nationwide Mutual Insurance Co., an Ohio federal court relied on the United States Supreme Court’s decision in Clapper v. Amnesty Intern. USA, 133 S.Ct. 1138 (2013), and held … Continue Reading

Information Governance – 2013 in Review

By: Judith A. Selby and James A. Sherer 2013 was the year that the term “Information Governance” or “IG” began to be widely used outside of technical circles. Despite that fact, the concept of IG is not well understood. Gartner, a premier information advisory company, defines IG as the specification of decision rights and an accountability framework … Continue Reading

Opening the Flood Gates? California Voters May Create Presumption of Harm in Privacy Breach Cases

Authored by: Julian Perlman Editor’s Note: This post is a joint submission with BakerHostetler’s Class Action Lawsuit Defense blog. California has moved one step closer towards amending its Constitution to create a presumption of harm whenever personal data is shared without a consumer’s express opt-in, a change that would clear a significant hurdle to many privacy breach … Continue Reading

Legal concepts every social media marketer should know: Part III — Use of third-party images, graphics, and content

Editor’s Note: This blog post was originally published on September 11, 2013, courtesy of iMedia Connection’s Blog. It is repurposed with permission. This post is co-authored by Alan M. Pate. It’s often said that imitation is the sincerest form of flattery. But when it comes to running an online marketing campaign or social media site, … Continue Reading

Federal Prosecutors Indict Accused Data Thieves

Federal prosecutors announced yesterday the indictment of five men accused of involvement in the theft of over 160 million credit card numbers. According to prosecutors, thefts by this group involved some of the largest and most notable U.S. data breaches of recent years, including Global Payments, Heartland Payment Systems, Hannaford, and NASDAQ, among others. Payment … Continue Reading

South Korea Court Opens the Door for Unintentional Data Breach Collective Actions

Authorship Credit:  Nathan A. Schacht This is a cross blog post with BakerHostetler’s class action blog.  For the latest in class action developments, visit classactionlawsuitdefense.com.  On February 15, 2013, the Seoul Western District Court in South Korea issued a judgment in a collective consumer action against a South Korean company for a data breach involving … Continue Reading

Call Centers Increasingly Targeted in Class Action Lawsuits for Statutory Penalties Under Decades-Old California Law

Authored by: Paul Karlsgodt Editor’s Note – This article is a joint submission to BakerHostetler’s Class Action Lawsuit Defense blog. Companies that provide call center services to consumers are increasingly being targeted in class action lawsuits under an arcane section of the California penal code that provides a civil right of action and statutory damages … Continue Reading

Courts Preliminarily Approve Settlements in Netflix and Blockbuster Video Privacy and Protection Act Class Actions

Two Federal District Courts recently approved settlements in two significant class actions brought under the Video Privacy and Protection Act, 18 U.S.C. § 2710, et seq. (“VPPA”), which limits the disclosure of personally identifiable information about subscribers as well as the amount of time that video rental service providers can retain subscriber information. On July … Continue Reading

DPPA Does Not Prohibit Bulk Obtainment of Motor Vehicle Records

The Sixth Circuit Court of Appeals has upheld the dismissal of a purported class action lawsuit brought under the federal Driver’s Privacy Protection Act, 18 U.S.C. § 2127, et. seq. (“DPPA”).  Plaintiffs’ claims in Wiles v. Ascom  Transport System, Inc., Case No. 11-5342, were based on the bulk obtainment of personal information from Kentucky motor … Continue Reading

US Supreme Court Finds that Mental and Emotional Distress are not “Actual Damages” under the Privacy Act

In privacy litigation, the majority of the federal courts have required demonstration of a certain tangible, provable harm before granting damage awards to plaintiffs claiming a violation of their privacy.  The Supreme Court’s recent decision in Federal Aviation Administration et al. v. Stanmore Cawthon Cooper, case number 10-1024, is no different.  In the Court’s March 28, … Continue Reading

Lessons Learned from the Second Circuit’s Reinstatement of Copyright Suit Against YouTube

The Social Media revolution is built on two legal foundations – the Digital Millennium Copyright Act (“DMCA”) which generally protects websites that host user generated content from copyright claims, and the Communications Decency Act, which generally protects such websites from claims based on the publication of defamatory or other illegal content. The Second Circuit sent … Continue Reading
LexBlog