Following California and Virginia’s sweeping consumer and data privacy bills, Florida is the next state to consider comprehensive data privacy legislation in the form of House Bill 969, which was introduced in February. The measure is similar in many ways to the California Consumer Privacy Act (“CCPA”), the California Privacy Rights Act (“CPRA”) and the Virginia Consumer Data Protection Act (“VCDPA”): it imposes a number of new requirements and obligations on covered entities related to…
The Illinois Biometric Information Privacy Act (“BIPA”) continues to attract litigation, and the battle continues as to what allegations of a BIPA violation may proceed in the federal courts. As you will recall, BIPA was enacted in 2008 to protect the privacy of personal biometric data. Section 15(a) of BIPA requires a company to publicly post a general notice about the company’s biometric data retention periods. 740 Ill. Comp. Stat. 14/15(a). Section 15(b) of BIPA requires a…
Just this week Virginia joined California as being one of the few states where consumers have a “right to delete” under applicable state privacy laws. This loosely follows the approach in the EU General Data Protection Regulation (“GDPR”) that also contains a right to delete which is quite broad (“right to obtain . . . erasure of personal data concerning him or her”), though subject to a number of exceptions. State approaches to consumers’ “right to…
Most states offer statutory remedies for offenses relating to unauthorized access or computer-related information or trade secrets. New Jersey is one such state, and a recent case illustrates specific pitfalls with pleading claims under these acts. Read on to learn CPW’s take.
In Display Uk v. Ground Support Labs, 2021 N.J. Super. Unpub. LEXIS 323, at *15 (N.J. Sup. Ct. Feb. 26, 2021), the plaintiffs were two digital signage and consumer engagement companies. The defendants…
CPW’s incredible team just leveled up, as this week consumer privacy superstar Alan Friel joined Squire Patton Boggs. Alan brings with him nearly three decades of comprehensive experience in data privacy. He arrives from BakerHostetler, where he led the US Consumer Privacy practice, co-chaired the retail, restaurant and e-commerce industry initiative, and served as the California Digital Assets and Data Management Leader. Alan joins SPB as Deputy Chair of the firm’s global Data Privacy &…
Glenn Brown reports that today Virginia Governor Ralph Northam signed the Virginia Consumer Data Protection Act (the “Act”) into law, though the Act will not go into effect until January 1, 2023. With this groundbreaking development, Virginia becomes the second state in the United States to enact a data privacy law that purports to regulate the collection, use, and disclosure of the personal data of its residents generally. For a comprehensive overview of the…
In Wesch v. Yodlee, Inc., 20-cv-05991 (N.D. Cal.) individual consumer plaintiffs brought a putative class action against defendants Yodlee, Inc. and its parent company Envestnet, Inc. Yodlee provides software to financial institutions to facilitate online transactions. Plaintiffs accuse defendants of secretly collecting and retaining their user information without their consent, and selling that information to third parties. Plaintiffs asserted a raft of claims against defendants, alleging violation of the federal Stored Communications Act (“SCA”) and…
As the number of data breaches continue to rise, so too will the number of lawsuits filed. As CPW previously reported, the number of data breaches in 2020 was more than double that of 2019. One can only wonder what 2021 will bring. Yet with this increase in data breach litigation, a recent opinion within the Third Circuit reminds us of the crucial issue of standing, which is often challenged at the onset of…