Another district court just ordered the defendant in a data breach class action to turn over the forensic report it believed was entirely protected from disclosure by the attorney-client privilege and work product doctrine....more
8/2/2021
/ Attorney-Client Privilege ,
Capital One ,
Class Action ,
Compliance ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Disclosure ,
Forensic Examination ,
Motion to Compel ,
Work-Product Doctrine
To note the one year anniversary of the California Consumer Privacy Act (CCPA) enforcement date, California Attorney General Rob Banta held a press conference on July 19, 2021 to share key information about enforcement...more
On Friday, a sharply divided U.S. Supreme Court issued a ruling, which significantly impacts the plaintiffs’ ability to pursue privacy and data breach class actions in federal courts. In TransUnion LLC v. Ramirez, Case No....more
6/29/2021
/ Article III ,
Class Action ,
Class Members ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Fair Credit Reporting Act (FCRA) ,
Injury-in-Fact ,
SCOTUS ,
Standing ,
TransUnion ,
TransUnion LLC v Ramirez
Although the California Consumer Protection Act (“CCPA”) went into effect on January 1, 2020 and over 100 class actions referencing the CCPA have been filed to date, very few class actions have actually made their way to...more
Earlier this week, the California Department of Justice unexpectedly released a third set of proposed modifications to the CCPA regulations. This move took place only two months after the California Attorney General’s Office...more
10/14/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Information Governance ,
Office of Administrative Law ,
Opt-Outs ,
Personal Information ,
Privacy Policy ,
State Attorneys General
Last week, the plaintiffs in three related children’s privacy class actions sought preliminary approval of proposed settlements with sixteen defendants in those coordinated actions. The matters—known as the Kiloo Action, the...more
9/2/2020
/ Class Certification ,
Class Members ,
COPPA ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Declaratory Relief ,
Disney ,
Federal Rules of Civil Procedure ,
Injunctive Relief ,
Mobile Apps ,
Online Safety for Children ,
Personal Data ,
Right to Privacy ,
Settlement ,
Settlement Negotiations ,
Website Owner Liability
Online stationery and craft company Minted Inc. has been hit with a CCPA class action lawsuit, stemming from a massive data breach the company disclosed in late May. The proposed class action lawsuit, filed in a California...more
6/17/2020
/ Breach of Implied Contract ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Putative Class Actions ,
State Attorneys General ,
Unfair Competition Law (UCL)
In an unprecedented ruling, one federal court recently held that the work product doctrine does not protect the expert cybersecurity report prepared after a data breach. The court ordered the release of the unredacted...more
The organization known as Californians for Consumer Privacy announced yesterday that it successfully secured enough signatures to qualify adding the California Privacy Rights Act (“CPRA”) to the state’s November 2020 ballot....more
Although it may not seem like it, there are privacy-related issues to discuss beyond COVID-19. Before the state of emergency, we saw the first complaint under the California Consumer Privacy Act (CCPA) filed in a California...more
While many companies around the world are coping with a global pandemic, some are facing additional challenges in light of a looming deadline triggered by the California Consumer Privacy Act (“CCPA”). Citing #covid19...more
The New York Department of Financial Services (NYDFS) issued guidance to financial institutions engaged in virtual currency business activities, mandating that an emergency preparedness plan from each firm be submitted to...more
In this post, we offer insights on the revisions recently made by the California Attorney General’s office to Article 4 of its draft regulations pertaining to verification requirements. Article 4 specifies how businesses...more
The California Attorney General’s draft regulations specify how businesses verify consumers’ identities when they receive consumers’ data requests. Specifically, Section 999.323 requires a business (i) to verify consumers’...more
Last week, California State Senator Jackson and state Attorney General Becerra introduced a new bill, Senate Bill 561. If passed, it will greatly expand the consumers’ right to bring private lawsuits for violations of the...more
The New York State Department of Financial Services has announced — much to the relief of the multitude of financial services companies and insurers regulated by DFS — that it will revamp its recently proposed cybersecurity...more
The New York Department of Financial Services recently announced a new proposed rule, which would require financial institutions and insurers to implement strong policies for responding to cyberattacks and data breaches. ...more
According to the FBI, “there are only two types of companies: those that have been hacked and those that will be.” It does not take an actual data breach, however, for a company to be liable for its data security practices. ...more
7/20/2016
/ Consumer Financial Protection Bureau (CFPB) ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Security ,
Dwolla ,
FinTech ,
FTC v Wyndham ,
Hackers ,
Personal Data ,
Privacy Laws