J. Matthew Thornton

Latest Articles

The Illinois Supreme Court held on January 25, 2019, that plaintiffs filing suit under the Biometric Information Privacy Act—which regulates how private entities disclose and discard biometric identifiers—do not need actual damages for standing. The decision has serious implications for companies collecting biometric data from Illinois residents. The Act provides a private right of action to individuals “aggrieved” by any violation, allowing them to seek, among other remedies, liquidated or actual damages, attorneys’ fees, and…
The U.S. Consumer Product Safety Commission (CPSC) recently announced that it will hold a hearing on May 16, 2018, to receive information on potential hazards with Internet of Things (IoT) products. In its public notice, the CPSC explained that the “purpose of the public hearing . . . is to provide interested stakeholders a venue to discuss potential safety hazards created by a consumer product’s connection to IoT or other network-connected devices; the types…
In the absence of federal action, state legislators continue to propose bills that would increase data privacy and security protections for consumers. Any entity that does business in these states or maintains confidential information of their residents should monitor the legislation to determine whether and how the proposed changes may affect operations. The bills are a reaction to Equifax’s data breach disclosure last summer. In prior alerts and articles, we discussed proposed legislation in Arizona