• |

    Nov. 27, 2024

U.S. Privacy Litigation Highlights

Many courts across the nation continue to see a surge in data privacy cases, with trends emerging in the types of lawsuits filed and their outcomes. As we prepare to enjoy the Thanksgiving holiday in the U.S., this special retrospective spotlights several articles with in-depth analysis and practical takeaways from resolved cases involving claims under the Video Privacy Protection Act, Illinois Biometric Information Privacy Act and federal Wiretap Act. We also have included an article with strategies for defeating claims under the California Invasion of Privacy Act, which has been a favorite of the plaintiffs’ bar for the past few years.

Unpacking the Second Circuit’s Bombshell VPPA Ruling

The U.S. Court of Appeals for the Second Circuit (Court) recently issued a momentous ruling in a class action under the Video Privacy Protection Act (VPPA) that has the potential to expand the scope of VPPA litigation within the circuit, and perhaps beyond. In this guest article, Blank Rome partners Phil Yannella and Harrison Brown, and associate Victor Sandoval, analyzed the Court’s ruling, which takes an expansive view of the VPPA’s definitions of “consumer” and “video-tape service provider,” and offered practical insights on how companies can defend VPPA cases moving forward.

Seventh Circuit Refuses to Compel BIPA Mass Arbitration Against Samsung Series

Mass arbitration has become a potent weapon in consumer privacy litigation. In one recent case involving claims under the Illinois Biometric Information Privacy Act (BIPA), Samsung turned the tables on the claimants, who likely were counting on leveraging the applicable American Arbitration Association (AAA) filing fee, by refusing to pay the fee, prompting the AAA to terminate the arbitration. The case ended up before the U.S. Court of Appeals for the Seventh Circuit (Court), which found that claimants had not established the existence of a binding arbitration agreement, and, even if they had, the arbitration had already been completed in accordance with AAA rules. The first article in our two-part coverage of the case examined the Court’s analysis and discussed relevant procedural background. In the second article, Baker Donelson biometrics team lead David Oberly addressed the key takeaways and practical implications of the decision, provided strategies for strengthening arbitration agreements and discussed the future trajectory of mass arbitration tactics in BIPA class action litigation.

Considerations for Adtech Stemming From Oracle’s $115 Million Settlement

Oracle America, Inc. agreed this past July to pay $115 million to settle a class action lawsuit in which it was accused of violating internet users’ privacy by surreptitiously employing tracking techniques to gather their data and creating and sharing “dossiers” on them. As part of the settlement, Oracle also agreed not to capture certain website data and to implement auditing to ensure compliance with privacy duties. This article discussed, with insights from Proskauer partner Leslie A. Shanklin, key aspects of the litigation and settlement terms, and practical takeaways for the adtech industry.

Aftermath of the Ninth Circuit BIPA Liability Shake‑Up in Zellmer v. Meta

Prospective defendants in Illinois Biometric Information Privacy Act (BIPA) cases may have rested a little easier following a Ninth Circuit Court of Appeals decision finding that biometric identifiers must actually identify someone to be covered under the statute. District courts in the Seventh Circuit, however, have not agreed, setting up a potential circuit split on the issue. With insights from partners at Blank Rome, Bradley Arant Boult Cummings and Locke Lord, this article examined the Zellmer v. Meta decision and its implications, including in the context of other decisions and a recent BIPA amendment, and offered practical BIPA compliance lessons.

Lessons From the Trenches: Winning Strategies for Defeating Pen Register Lawsuits

Absent a federal privacy law in the U.S., creative plaintiffs’ lawyers have filled the void by filing hundreds of lawsuits each year alleging novel state law theories to challenge the collection of information on the internet. The most active bench of privacy advocates has seized on the California Invasion of Privacy Act (CIPA) to file a barrage of privacy litigation based on a decades-old law. The latest filings have focused on the argument that commonplace tracking software, like cookies or pixels, constitutes “pen register” and “trap and trace” devices that may not be used without consent or a court order. In this guest article, Blank Rome partner Rachel Schaller laid out plaintiffs’ pen register litigation playbook and provided strategies to defeat CIPA claims.

Google’s Wiretap Cases Highlight Evolving Privacy Transparency Standards

As Google was facing trial in a $5‑billion class action over allegations regarding its improper collection of data while users browsed in private “Incognito” mode, a preliminary settlement was reached on December 28, 2023. Google was defending another lawsuit challenging its data collection practices at the time of the settlement. That case has since been sent back to the district court – after the United States Court of Appeals for the Ninth Circuit ruled in favor of plaintiffs, reversing a summary judgment in favor of Google – to evaluate whether a “reasonable” user of the Google Chrome browser should be presumed to have consented to certain allegedly misleading and convoluted privacy policies. With insights from partners at Carter Ledyard & Milburn, Ballard Spahr and Collyer Bristow, this article examined the novel wiretap allegations in the cases and offered practical lessons on how to approach privacy policies to mitigate the risk of similar claims.

Most-Read Articles

Cybersecurity Awareness Month

Read the full brief here.

Spotlight on Trailblazing Women

To mark International Women’s Day 2024, women editors and reporters of ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Jill Abitbol, Managing Editor of the Cybersecurity Law Report and Anti-Corruption Report, features notable women in data privacy, cybersecurity, white collar defense, compliance and anti-corruption law, including Christina Montgomery, Leslie Shanklin, Palmina Fava, Alexandra Ross and Lucinda Low. Enjoy reading their inspiring remarks here.

We Celebrate Data Privacy Day 2024

Read the full brief here.

Spotlight on Trailblazing Women

In honor of International Women’s Day, some of ION Analytics' editorial teams led by women interviewed notable women in the markets and industries we cover. In this part, the Cybersecurity Law Report highlighted notable women in compliance and hedge fund, data privacy and cybersecurity, and anti-corruption law, including Amii Barnard-Bahn, Abigail Bell, Genna Garver, Jane Horvath, Barbara Li, Amy Mushahwar, Mara Senn and Carol Widger. The interviews are here.

 

 

 

Webinar on Compliant International Data Transfers

Listen here to our discussion with our colleagues at Ethos Privacy, which took place on March 1, 2022, on how to approach international data transfer challenges. 

Webinar on Getting a Handle on Vendor Contracts

A recording of the March 10 webinar can be accessed here

Cybersecurity Resolutions for 2021

In this quick take video, we talk about some of our cybersecurity resolutions for 2021.

Facial Recognition Concerns

In this short video, we discuss the privacy and bias concerns with facial recognition technology.

Planning for the Return to Work 

We discuss a few return-to-work privacy issues in this short video.

ACR and CSLR Spring Update 2020

The Senior Editors of the Anti-Corruption Report and the Cybersecurity Law Report recently teamed up to present an update on the trends and hot topics in the anti-corruption, cybersecurity and data privacy spaces since the beginning of the year and what the publications will be focusing on in the coming months. A complimentary download of the webinar is available here.

Upcoming Webinar: Companywide Work From Home - Cybersecurity and Privacy Best Practices

Please join us on Monday, March 23, 2020, from 12:00 p.m.- 12:30 p.m. EDT for a complimentary webinar discussing the cybersecurity and privacy challenges the shift to remote working has created and how to overcome them. Registration information for the webinar is here

Upcoming Webinar to Explore Best Practices for Alternative Data Use

Please join us on Wednesday, January 15, 2020, at 11:00 a.m. EST for a complimentary webinar hosted by our sister publication, the Hedge Fund Law Report, discussing issues relating to the use of alternative data by private fund managers. To register for the webinar, click here.

Upcoming HFLR/CSLR Webinar to Explore Strategies and Tactics for Conducting an Effective Tabletop Exercise

Please join the Hedge Fund Law Report and the Cybersecurity Law Report on Tuesday, July 30, 2019, at 1:00 p.m. ET for a complimentary webinar discussing the strategies and tactics companies can employ to conduct an effective tabletop exercise. GCs and CCOs are encouraged to invite their CISOs and CTOs to join as well. The webinar will be moderated by Shaw Horton, Associate Editor of the Hedge Fund Law Report, and will feature Luke Dembosky, partner at Debevoise, John “Four” Flynn, chief information security officer at Uber, and Jill Abitbol, Senior Editor of the Cybersecurity Law Report. Registration for the webinar is available here.

Anti-Corruption Webinar: How HPE Is Using Its New T&E Tool to Generate Compliance Metrics

Measuring the effectiveness of a compliance program can be tricky, but some companies are finding ways to use their existing internal controls to generate useful data. Join our sister publication the Anti-Corruption Report (ACR) for a complimentary webinar that explores Hewlett Packard Enterprises’ new travel-and-entertainment-approval tool. On Wednesday, March 27, 2019, from 1:00 p.m. to 2:00 p.m. EDT, the ACR’s Megan Zwiebel will interview Becky Rohr, vice-president of anti-corruption and global trade at Hewlett Packard Enterprises, about how they are using their T&E tool to measure and improve compliance. Registration information is here.