State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Bridging the Gap: How CivicReach is Revolutionizing Government Customer Service
The Privacy Insider Podcast Episode 11: Signal and Noise: The New Administration, Privacy, and Our Digital Rights with Cindy Cohn of Electronic Frontier Foundation
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
"Monsters Inc." y el tratamiento de los datos
The American Privacy Right Act (APRA) explained
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
Navigating State Privacy Laws
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Are You Ready to Comply With New State Data Privacy Laws?
Embracing Data Privacy to Drive Business Growth: On Record PR
Data Dividend: What is Personal Data Worth?
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
State AG Pulse | CT AG Reacts to Genetic Data Breach
Episode 293 -- Catching Up with California and Other State Privacy Laws
On April 22, 2025, the National Football League (NFL) filed an amicus brief asking the United States Supreme Court to take on a Video Privacy Protection Act (VPPA) class action case against the National Basketball Association...more
Enacted in 1988, the Video Privacy Protection Act (VPPA) was intended to regulate the then-booming videotape industry by limiting how video rental and sales data is disclosed. The law was enacted in direct response to the...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff – someone who visits websites for purposes of initiating litigation – cannot bring a claim under the California Invasion of Privacy...more
Yahoo’s ConnectID is a cookieless identity solution that allows advertisers and publishers to personalize, measure, and perform ad campaigns by leveraging first-party data and 1-to-1 consumer relationships. ConnectID uses...more
Readers of this blog know about the never-ending barrage of consumer privacy litigation commenced against online companies in connection with their collection of consumer data. Several of these cases have recently been filed...more
Three recent federal court cases consider whether the use of third party trackers embedded in websites can be the basis of class action lawsuits alleging violations of statutes enacted before the internet existed. These...more
While readers of this blog are familiar with the proliferation of California Invasion of Privacy Act (“CIPA”) wiretapping claims, our readers may be less familiar with CIPA-related GET Request claims. Below, we explain what...more
Beware of demand letters from plaintiffs’ attorneys for allegations of illegal use of pen registers, trap and trace pixels, and search bar pixels—why? This “trap and trace” litigation is a growing trend for plaintiffs’...more
In 2024, plaintiffs across the United States filed various class action cases related to web tracking technology employed by companies to enhance user experience on their websites and to improve the efficacy of their...more
Over the last several years, litigation (often class actions) premised on the use of technology like session-replay products, web beacons, pixels, and cookies has proliferated. Typical theories include plaintiffs claiming...more
Almost every business has a website; every website should have a privacy policy, terms of use, and, in some cases, a consumer privacy rights notice—if certain state consumer privacy rights laws apply to your business, such as...more
The Video Privacy Protection Act (“VPPA”), a federal statute enacted in 1988, is gaining new relevance in recent years as plaintiffs bring lawsuits with the goal of enforcing online privacy rights. 2024 saw a continuation of...more
Two recent court decisions have provided businesses with long-awaited clarity on the reach of the California Invasion of Privacy Act (CIPA) – and could begin to redefine digital privacy litigation for the better. Two separate...more
A California federal district court recently granted class certification in a lawsuit against a financial services company. The case involves allegations that the company’s website used third-party technology to track users’...more
Our readers are well aware of the proliferation of lawsuits alleging California Invasion of Privacy Act (“CIPA”) violations against companies that use third-party tracking technology to collect consumer data on their...more
Despite some favorable rulings, lawsuits alleging California Invasion of Privacy Act (“CIPA”) claims against companies that use third-party tracking technology to collect consumer data on their websites show no signs of...more
Perhaps no use case better exemplifies the rapidly evolving privacy law landscape in the US than the legal framework surrounding companies’ use of cookies, pixels, and other web trackers. The 119th Congress brings new...more
Some businesses might be surprised to learn that digital wiretapping litigation claims are one of today’s fastest-growing compliance risks, with over 1,560 lawsuits filed in 28 states since a groundbreaking 2022 decision...more
Countless hours are being spent categorizing cookies and other tracking technologies to work with consent management platforms, part of a purpose-built industry aiming to help companies deal with the increasingly complex and...more
To paraphrase Animal Farm, all pixels are not created equal, but some pixels are more privacy invasive than others. Here are some recent points I made during a presentation to some of my firm’s litigators:...more
In 2018, there were two comprehensive state data privacy bills introduced across the United States and a whopping zero were in effect. Fast forward six years and there have been 41 new data privacy bills considered this year...more
In a critical new decision, the Massachusetts Supreme Judicial Court has confirmed that the state’s anti-wiretapping statute does not extend to website tracking technologies. In Vita v. New England Baptist Hospital, the Court...more
October has offered valuable insights for companies managing privacy obligations related to user tracking, with courts issuing opinions on various wiretap laws and the Video Privacy Protection Act (VPPA) in the context of...more
Perhaps no use case better exemplifies the rapidly evolving privacy law landscape in the US than the legal framework surrounding companies’ use of cookies, pixels, and other web trackers. Gone are the days where marketing...more
Keypoint: Massachusetts’ highest court ruled the use of software that tracks users’ activity on its website does not violate the state’s Wiretap Act, which was intended to prevent the recording or interception of...more