Alexis Collins

Photo of Alexis Collins

Alexis Collins’ practice focuses on litigation, including criminal and regulatory enforcement matters and complex civil and antitrust litigation.

Latest Articles

On April 9, 2019, an appellate court in Illinois held in Liu v. Four Seasons Hotel, Ltd.[1] that an employee’s allegations of violations of the state’s Biometric Information Privacy Act (“BIPA” or the “Act”) do not constitute allegations of “a wage or hour violation,” even where collection of biometric data is being used to monitor hours worked.  Coming on the heels of the Illinois Supreme Court’s decision in Rosenbach v. Six Flags Entertainment Corporation
On April 10, 2019, the Department of Justice (“DOJ”) released a white paper titled Promoting Public Safety, Privacy, and the Rule of Law Around the World:  The Purpose and Impact of the CLOUD Act.  This white paper is the first official DOJ statement about the Clarifying Lawful Overseas Use of Data Act (“CLOUD Act”) and reflects the DOJ’s current perspective on its scope and implications.  Below we summarize the CLOUD Act and discuss the…
On March 20, 2019, in Frank v. Gaos, the Supreme Court remanded a case challenging Google’s practice of disclosing users’ search terms to third parties, directing the lower courts to address whether class plaintiffs had Article III standing to bring the privacy action in light of Spokeo, Inc. v. Robins, 136 S. Ct. 1540 (2016).[1]  Frank v. Gaos was originally notable because it had been resolved by a cy pres-only class action settlement,…
On Friday, March 15, 2019, the U.S. Federal Trade Commission (“FTC”) issued its 2018 Privacy & Data Security Update (the “Update”) detailing its activities last year in seven “zones” of privacy and data security: enforcement, advocacy, rules, workshops, reports and surveys, consumer education and business guidance, and international engagement. …
On January 25, 2019, the Illinois Supreme Court held in Rosenbach v. Six Flags Entertainment Corporation that plaintiffs are not required to allege actual harm in order to seek damages against private entities under the state’s Biometric Information Privacy Act (BIPA).  BIPA regulates companies’ collection, retention, and disclosure of biometric identifiers.  It further provides a private right of action for persons “aggrieved” by a violation of the Act for recovery of liquidated damages, injunctive relief, attorneys’ fees, and…
In 2018, data privacy and cyber breaches made headlines throughout the year. Major companies continued to suffer data breaches, highlighting the risks and potential costs of cyber incidents across industries.  At the same time, a growing and overlapping thicket of data security and privacy regulations—within the U.S., European Union, Latin America, and elsewhere—continued to increase compliance costs and regulatory risks.  This memo surveys some of the key cybersecurity and data privacy developments of 2018, including…
On January 7, 2019 the National Futures Association (“NFA”) provided additional guidance on the required cybersecurity practices of certain NFA members by amending its Interpretive Notice entitled NFA Compliance Rules 2-9, 2-36 and 2-49: Information Systems Security Programs (the “Interpretive Notice”).  The Interpretive Notice currently requires each NFA member futures commission merchant (“FCM”), commodity trading advisor, commodity pool operator, introducing broker (“IB”), retail foreign exchange dealer, swap dealer (“SD”) and major swap participant to implement…
On December 20, 2018, the Financial Industry Regulatory Authority (“FINRA”) released a Report on Selected Cybersecurity Practices for broker-dealer firms.  This report reflects FINRA’s current perspective on the cybersecurity threat landscape based on observations from its examinations of securities firms.  Below we discuss the report’s key observations and contextualize these insights for members of the financial industry.…
On December 13, 2018, the District Court for the Northern District of California dismissed a putative securities class action brought against PayPal Holdings, its subsidiary TIO Networks Corp., and several executives of both companies for a security breach that resulted in the potential compromise of personally identifiable information for 1.6 million customers.  In Sgarlata v. PayPal Holdings Inc., No. 17-cv-06956-EMC, 2018 WL 6592771 (N.D. Cal. Dec. 13, 2018) (“Sgarlata”), the court dismissed the complaint for…
On December 20, 2018, the U.S. Securities and Exchange Commission (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) released its 2019 Examination Priorities.  The six themes for this year’s priorities are:  retail investors (including seniors and those saving for retirement), compliance and risk in registrants responsible for critical market infrastructure (clearing agencies, transfer agents, national securities exchanges and Regulation SCI entities), oversight of the Financial Industry Regulatory Authority and Municipal Securities Rulemaking Board, digital assets,…