Archives: Privacy Litigation

Subscribe to Privacy Litigation RSS Feed

US Facial Recognition Firm Ordered to Stop Processing UK and Australian Data and Pay Fine Over Privacy Law Violations

Photo of Jeewon SerratoPhoto of BakerHostetlerBy Jeewon Serrato and BakerHostetler on Posted in AI, Biometrics, Data Privacy, GDPR, Privacy, Privacy Litigation
ICO and OAIC Find ‘Serious Breaches’ of Privacy Law On Nov. 29, 2021, the U.K. Information Commissioner’s Office (ICO) announced a provisional intent to fine Clearview AI over £17 million, alleging several privacy violations related to the company’s use of “scraped” data and biometrics of individuals. More significantly, the provisional order would require the company … Continue Reading

Congratulations to Casie Collignon for being named one of the “Top Litigators 2021” by Law Week Colorado!

Photo of Theodore J. Kobus IIIBy Theodore J. Kobus III on Posted in Privacy Class Actions, Privacy Litigation
With a practice focused on privacy class-action defense, Casie Collignon’s career takes her to courts across the country, through daily challenges of chess-like proportions and debate in advocacy for her clients. She has had a growing practice throughout the pandemic with multiple wins in 2020 alone, but she still finds time to be a mother, … Continue Reading

Clearly Defined HIPAA and FERPA Policies May Help Covered Entities in Defending a Claim for Unemployment Compensation

By Paulette Thomas on Posted in HIPAA/HITECH, Privacy Litigation
Recently, in Dantry v. Unemployment Compensation Board of Review, No. 1665 C.D. 2017 (Pa. Cmwlth. 2019), the Commonwealth Court of Pennsylvania reversed the order of the Unemployment Compensation Board of Review (Board) which  had affirmed the Unemployment Compensation Referee’s decision that Jami M. Dantry (Dantry) was ineligible for unemployment compensation benefits because Dantry’ s conduct … Continue Reading

Privacy Shield Update: Commission Report, Ombudsperson Deadline, Brexit Guidance

Photo of Melinda L. McLellanBy Melinda L. McLellan, Emily R. Fedeles and Kyle R. Fath on Posted in EU-U.S. Privacy Shield Framework, International Privacy Law, Online Privacy, Privacy Litigation
The end of 2018 saw heightened activity surrounding the EU-U.S. Privacy Shield Framework.  This blog post provides a news roundup on the following developments: • The European Commission’s (the “Commission”) December 19th report (the “Report”) summarizing the second annual joint review that was held in October 2018. • The Report’s February 28, 2019 deadline for … Continue Reading

GDPR Spurring Legal Reforms in South America With New Legislation in Brazil

By Brian P. Bartish and Laura E. Jehl on Posted in Breach Notification, GDPR, Privacy Litigation
As organizations continue to grapple with the requirements of the EU General Data Protection Regulation (GDPR) even months after its effective date, one thing is clear: The impact of the regulation extends far beyond an organization’s European operations. The global effects of the GDPR are even more apparent when one surveys new and proposed data … Continue Reading

Is a New Federal Data Privacy Law on the Horizon? The Tech Industry Sure Hopes So

Photo of Sara GoldsteinBy Laura E. Jehl and Sara Goldstein on Posted in Federal Legislation, Privacy Litigation
Despite several failed attempts in recent years, there is a new effort underway to enact a federal data privacy law, and it’s being led by a somewhat unlikely source – the tech industry. Although they were resistant to a federal privacy law in the past, powerful tech industry players now appear to be publicly embracing … Continue Reading

Not Too Early to Start to Prepare for New California Privacy Law

By Alan L. Friel and Niloufar Massachi on Posted in CCPA, Privacy Litigation, State Legislation
In late June, the California legislature signed into law Assembly Bill 375 (AB 375) as the California Consumer Privacy Act of 2018 (CCPA), a privacy law, unprecedented in the U.S., that grants California residents a broad range of European-like rights when it comes to their personal information (PI), effective Jan. 1, 2020. To be able … Continue Reading

Privacy Advocates See Victory as Supreme Court Extends Fourth Amendment Protections to Historical Cellphone Location Information

Photo of Jonathan B. NewBy Jonathan B. New and Brian P. Bartish on Posted in Privacy Litigation
On June 22, the Supreme Court issued its highly anticipated decision addressing privacy in the digital age, holding that the government generally must obtain a search warrant supported by probable cause to search a target’s historical cell site location information (CSLI), which can provide a detailed record of an individual’s whereabouts. In siding with the … Continue Reading

SAMHSA Updates Privacy Regulations to Reflect Advancements in Healthcare

Photo of Lynn SessionsPhoto of BakerHostetlerBy Lynn Sessions and BakerHostetler on Posted in HIPAA/HITECH, Privacy Litigation
On Jan. 3, 2018, the Substance Abuse and Mental Health Services Administration (SAMHSA) issued its final rule regarding the Confidentiality of Substance Use Disorder Patient Records Part 2. These changes become effective Feb. 2, 2018. As background, the Confidentiality of Substance Use Discover Patient Records Part 2 protects patient records maintained in connection with any … Continue Reading

Revocation of Consent Under the TCPA

By Moustafa Badreldin on Posted in Mobile Privacy, Privacy Litigation
The Telephone Consumer Protection Act (TCPA) was enacted as a consumer protection measure against companies that engage in telemarketing practices. The basic principle of the TCPA is that it seeks to prohibit a company from making “any telephone call to any residential telephone line using an artificial or prerecorded voice to deliver a message without … Continue Reading

Deeper Dive: Clapper Divide Expands In Data Breach Cases

Photo of Sean McIntyreBy Sean McIntyre on Posted in Privacy Class Actions, Privacy Litigation
As reported in our 2017 Data Security Incident Response Report, plaintiffs allege potential future harm as a basis for injury in 80 percent of data breach lawsuits. But are allegations of future harm sufficient to meet Article III’s cases-and-controversies requirement, specifically with regard to the injury-in-fact element of standing? Despite the prevalence of these allegations, … Continue Reading

Washington State Passes Legislation Governing the Use of Biometric Information

Photo of Melinda L. McLellanPhoto of Robyn M. FeldsteinBy Melinda L. McLellan and Robyn M. Feldstein on Posted in Privacy Litigation, Retail Industry, State Legislation
Effective July 23, 2017, Washington will join Illinois and Texas as the third U.S. state to impose statutory restrictions on how businesses collect, use, disclose and retain biometric information. House Bill 1493 applies to entities that “enroll a biometric identifier in a database for a commercial purpose” and includes requirements to provide notice to individuals … Continue Reading

Court of Appeals Upholds FCC’s Net Neutrality Rules and Regulatory Authority

By Suchismita Pahi and Alan L. Friel on Posted in Enforcement, Privacy Litigation
On June 14, 2016, the D.C. Court of Appeals ruled 2-1 in favor of the Federal Communication Commission’s (FCC) net neutrality rules, which the commission approved on February 26, 2015 (published March 12, 2015). This reclassified broadband internet access service (BIAS) as a telecommunications service under Title II of the Communications Act, affording the FCC … Continue Reading

Social Media’s Not For You—It’s About You: Risks for Organizations in a New Age of Sharing

Photo of James A. ShererPhoto of Melinda L. McLellanBy James A. Sherer and Melinda L. McLellan on Posted in Data Breaches, Information Governance, International Privacy Law, Mobile Privacy, Privacy Litigation, Social Media, Workplace Privacy
Social media and social networking, including websites and applications that allow users to create and share content, have become ubiquitous. Joining the social networking revolution may be very easy for individuals, but establishing best practices for organizations that want or need to be actively engaged with social media is not. Initial considerations tend to focus … Continue Reading

Bring Your Own Device (Everywhere): Legal and Practical Considerations for International BYOD Programs

Photo of Melinda L. McLellanPhoto of James A. ShererBy Melinda L. McLellan and James A. Sherer on Posted in Information Governance, International Privacy Law, Mobile Privacy, Privacy Litigation, Workplace Privacy
The cross-use of mobile devices for personal and professional purposes, commonly referred to as “Bring Your Own Device” or “BYOD”, is a relatively recent phenomenon that has created a host of legal and practical challenges for organizations of all sizes. Implementing a BYOD program is especially complex for companies that have employees who regularly travel … Continue Reading

Once Again, Clapper Defeats Data Breach Class Action

By Judy Selby on Posted in Data Breaches, Identity Theft, Online Privacy, Privacy Litigation
Article III standing has once again proved to be an insurmountable hurdle for data breach class action plaintiffs whose personal information hasn’t been misused.  In Galaria v. Nationwide Mutual Insurance Co., an Ohio federal court relied on the United States Supreme Court’s decision in Clapper v. Amnesty Intern. USA, 133 S.Ct. 1138 (2013), and held … Continue Reading

Information Governance – 2013 in Review

Photo of BakerHostetlerBy BakerHostetler on Posted in Data Breaches, Online Privacy, Privacy Litigation
By: Judith A. Selby and James A. Sherer 2013 was the year that the term “Information Governance” or “IG” began to be widely used outside of technical circles. Despite that fact, the concept of IG is not well understood. Gartner, a premier information advisory company, defines IG as the specification of decision rights and an accountability framework … Continue Reading

Opening the Flood Gates? California Voters May Create Presumption of Harm in Privacy Breach Cases

Photo of BakerHostetlerBy BakerHostetler on Posted in Data Breaches, Privacy Class Actions, Privacy Litigation
Authored by: Julian Perlman Editor’s Note: This post is a joint submission with BakerHostetler’s Class Action Lawsuit Defense blog. California has moved one step closer towards amending its Constitution to create a presumption of harm whenever personal data is shared without a consumer’s express opt-in, a change that would clear a significant hurdle to many privacy breach … Continue Reading

Legal concepts every social media marketer should know: Part III — Use of third-party images, graphics, and content

Photo of Fernando A. Bohorquez, Jr.By Fernando A. Bohorquez, Jr. on Posted in Marketing, Privacy Litigation, Social Media
Editor’s Note: This blog post was originally published on September 11, 2013, courtesy of iMedia Connection’s Blog. It is repurposed with permission. This post is co-authored by Alan M. Pate. It’s often said that imitation is the sincerest form of flattery. But when it comes to running an online marketing campaign or social media site, … Continue Reading

Federal Prosecutors Indict Accused Data Thieves

By Michael Young on Posted in Privacy Litigation
Federal prosecutors announced yesterday the indictment of five men accused of involvement in the theft of over 160 million credit card numbers. According to prosecutors, thefts by this group involved some of the largest and most notable U.S. data breaches of recent years, including Global Payments, Heartland Payment Systems, Hannaford, and NASDAQ, among others. Payment … Continue Reading

South Korea Court Opens the Door for Unintentional Data Breach Collective Actions

Photo of Erica Gann KitaevBy Erica Gann Kitaev on Posted in Data Breaches, International Privacy Law, Privacy Class Actions, Privacy Litigation
Authorship Credit:  Nathan A. Schacht This is a cross blog post with BakerHostetler’s class action blog.  For the latest in class action developments, visit classactionlawsuitdefense.com.  On February 15, 2013, the Seoul Western District Court in South Korea issued a judgment in a collective consumer action against a South Korean company for a data breach involving … Continue Reading

Call Centers Increasingly Targeted in Class Action Lawsuits for Statutory Penalties Under Decades-Old California Law

Photo of Gerald J. FergusonBy Gerald J. Ferguson on Posted in Privacy Class Actions, Privacy Litigation
Authored by: Paul Karlsgodt Editor’s Note – This article is a joint submission to BakerHostetler’s Class Action Lawsuit Defense blog. Companies that provide call center services to consumers are increasingly being targeted in class action lawsuits under an arcane section of the California penal code that provides a civil right of action and statutory damages … Continue Reading
LexBlog