The Ninth Circuit recently held that the Children’s Online Privacy Protection Act, which gives the Federal Trade Commission authority to regulate the online collection of personal information from children under the age of 13, does not preempt consistent state law, potentially increasing the risk of class action litigation based on alleged COPPA violations. See Jones
Litigation
Data Breach and the Dark Web: Third Circuit Allows Class Action Standing With Sufficient Risk of Harm
In a new post on the Inside Class Actions blog, our colleagues discuss a recent Third Circuit decision reinstating the putative class action Clemens v. ExecuPharm Inc., concluding there was sufficient risk of imminent harm after a data breach to confer standing on the named plaintiff when the information had been posted on…
Court Dismisses Class Claims Related to Cyber Vulnerability Embargo
After several twist and turns, on July 7th Intel Corp. succeeded in achieving final dismissal of class claims alleging that Intel knew about purported security vulnerabilities in its microprocessors and failed to disclose or mitigate those vulnerabilities. The case, In Re Intel Corp. CPU Marketing, Sales Practices and Products Liability Litigation, 3:18-md-02828, had…
Federal Court Stays Suit Implicating Accrual of Claims Under the Illinois Biometric Information Privacy Act
Last week, an Illinois federal district court granted the defendant’s motion to stay in Stegmann v. PetSmart, No. 1:22-cv-01179 (N.D. Ill.). The case implicates the evolving law surrounding the scope of the Illinois Biometric Information Privacy Act (“BIPA”) and a pending Illinois Supreme Court case that could provide an important defense to certain BIPA suits.…
Emerging Trends: Renewed Wave of Video Privacy Class Actions
Recent months have seen a growing trend of data privacy class actions asserting claims for alleged violations of federal and state video privacy laws. In this year alone, plaintiffs have filed dozens of new class actions in courts across the country asserting claims under the federal Video Privacy Protection Act (“VPPA”), Michigan’s Preservation of Personal Privacy Act (“MPPPA”), and New York’s Video Consumer Privacy Act (“NYVCPA”).…
Continue Reading Emerging Trends: Renewed Wave of Video Privacy Class Actions
Fourth Circuit Holds Statements About Importance of Data Security Not Actionable
In a new post on the Inside Class Actions blog, our colleagues discuss a recent Fourth Circuit opinion holding that statements about the importance a company places on data security are not actionable following a data breach. The case, In re Marriott International, Inc., — F.4th —-, No. 21-1802 (4th Cir. Apr. 21…
Supreme Court Holds FISA Does Not Displace the State Secrets Privilege
In March, the Supreme Court issued its decision in Federal Bureau of Investigation v. Fazaga, No. 20-828, holding that the state secrets privilege—and its dismissal remedy—applies to cases that may also be subject to the judicial review procedures set forth in the Foreign Intelligence Surveillance Act (“FISA”). In so holding, the Court reversed the Ninth Circuit’s 2020 ruling that FISA displaces the state secrets privilege in cases involving electronic surveillance.
…
Continue Reading Supreme Court Holds FISA Does Not Displace the State Secrets Privilege
Federal Court Expresses Skepticism About Validity of Geofence Warrants But Declines Suppression Remedy
Last Thursday, the Eastern District of Virginia in United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, denied a motion to suppress evidence obtained from Google pursuant to a geofence search warrant. Geofence warrants are a relatively new investigative tool that target private companies’ databases of location data, compelling these companies to produce the location data of every user that was in a particular area over a particular span of time. The court invalidated the warrant for lack of particularized probable cause, but declined to suppress the evidence obtained from Google—which linked the defendant to the scene of a 2019 bank robbery—because the officers sought the warrant in good faith.
Continue Reading Federal Court Expresses Skepticism About Validity of Geofence Warrants But Declines Suppression Remedy
Court Rejects Dismissal of Illinois Biometric Information Privacy Act Against Clearview AI in Pending Multidistrict Litigation
An Illinois federal district court recently rejected dismissal of Illinois Biometric Information Privacy Act (“BIPA”) claims in In re Clearview AI, Inc., Consumer Privacy Litigation, No. 21-cv-135 (N.D. Ill.). The Clearview plaintiffs alleged that Clearview violated their privacy rights without their knowledge and consent by scraping more than three billion photographs of facial images from the internet and using artificial intelligence algorithms on the images to harvest individuals’ unique facial biometric identifiers and corresponding biometric information. Clearview sought dismissal of the BIPA claims under the First Amendment, extraterritoriality doctrine, dormant commerce clause, and BIPA’s express exemption for photographs. The court rejected these grounds, and declined to dismiss the BIPA claims.
Continue Reading Court Rejects Dismissal of Illinois Biometric Information Privacy Act Against Clearview AI in Pending Multidistrict Litigation
2021 Trends in Privacy Regulatory Enforcement and Litigation
2021 was another busy year for data privacy regulatory enforcement and litigation. With some distance to reflect on last year, we have prepared this post identifying and describing important trends from 2021 that can help provide insight into what to expect in the data privacy landscape in 2022.
Data Privacy Regulatory Enforcement Trends
Federal Trade Commission (FTC) and state enforcement action in 2021 centered on several key areas, including protecting children.
An FTC enforcement action last year alleged that the maker of an online coloring book application violated the Children’s Online Privacy Protection Act (COPPA) by collecting personal information about children who used the app without notifying their parents and obtaining their consent. The allegations note that the app included a “Kids” category that was targeted to children. The FTC further claimed that the app’s social media features collected personal information from users and that some parents, lacking knowledge of these features, may have inadvertently permitted their young children to use the app.
Continue Reading 2021 Trends in Privacy Regulatory Enforcement and Litigation