The California Privacy Protection Agency (“CPPA”) announced it will hold a special meeting on July 28, 2022 at 9 a.m. PST to discuss and potentially act on proposed federal privacy legislation, including the bipartisan American Data Protection and Privacy Act (“ADPPA”) (H.R. 8152).  The ADPPA is a comprehensive data privacy bill that advanced through

After several twist and turns, on July 7th Intel Corp. succeeded in achieving final dismissal of class claims alleging that Intel knew about purported security vulnerabilities in its microprocessors and failed to disclose or mitigate those vulnerabilities.  The case, In Re Intel Corp. CPU Marketing, Sales Practices and Products Liability Litigation, 3:18-md-02828, had

Last week, an Illinois federal district court granted the defendant’s motion to stay in Stegmann v. PetSmart, No. 1:22-cv-01179 (N.D. Ill.).  The case implicates the evolving law surrounding the scope of the Illinois Biometric Information Privacy Act (“BIPA”) and  a pending Illinois Supreme Court case that could provide an important defense to certain BIPA suits.

Continue Reading Federal Court Stays Suit Implicating Accrual of Claims Under the Illinois Biometric Information Privacy Act

Recent months have seen a growing trend of data privacy class actions asserting claims for alleged violations of federal and state video privacy laws.  In this year alone, plaintiffs have filed dozens of new class actions in courts across the country asserting claims under the federal Video Privacy Protection Act (“VPPA”), Michigan’s Preservation of Personal Privacy Act (“MPPPA”), and New York’s Video Consumer Privacy Act (“NYVCPA”).

Continue Reading Emerging Trends: Renewed Wave of Video Privacy Class Actions

Today, the Federal Trade Commission (FTC) announced that it anticipates proposing a privacy rulemaking this month, with comments closing in August.  This announcement follows the agency’s statement in December that it planned to begin a rulemaking to “curb lax security practices, limit privacy abuses, and ensure that algorithmic decision-making does not result in unlawful discrimination.” 

The Connecticut legislature passed Connecticut SB 6 on April 28, 2022.  If signed by the governor, the bill would take effect on July 1, 2023, though the task force created by the bill will be required to begin work sooner.

The bill closely resembles the Colorado Privacy Act, with a few notable additions.  Like the Colorado Privacy Act, the bill adopts “controller” and “processor” terminology, provides consumers with rights to access, correct, delete, obtain a copy, and opt-out of certain types of processing of their personal data, and requires consent for certain activities.
Continue Reading Connecticut Legislature Passes Comprehensive Privacy Bill

On April 12, at the International Association of Privacy Professionals’ global privacy conference, Colorado Attorney General Phil Weiser gave remarks on his office’s approach to the rulemaking and enforcement of the Colorado Privacy Act.
Continue Reading Colorado Attorney General Remarks on CPA Rulemaking

In a new post on the Covington Digital Health blog, our colleagues discuss the Office for Civil Rights’ (“OCR”) recently published request for information (“RFI”) seeking comment on implementing certain provisions of the Health Information Technology for Economic and Clinical Health (“HITECH”) Act.  The RFI seeks input as to how covered entities and business

In March, the Supreme Court issued its decision in Federal Bureau of Investigation v. Fazaga, No. 20-828, holding that the state secrets privilege—and its dismissal remedy—applies to cases that may also be subject to the judicial review procedures set forth in the Foreign Intelligence Surveillance Act (“FISA”).  In so holding, the Court reversed the Ninth Circuit’s 2020 ruling that FISA displaces the state secrets privilege in cases involving electronic surveillance.

Continue Reading Supreme Court Holds FISA Does Not Displace the State Secrets Privilege