Life With GDPR: Cookie Compliance
Universal Consent: Building Beyond Cookie Consent
Data Dividend: What is Personal Data Worth?
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
Fashion Counsel: Privacy in the Retail Fashion Industry
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
Trends and areas of focus under U.S. state data protection laws emerge as U.S. states with data protection laws in place increase enforcement actions and coordination....more
On April 21, 2025, a Ninth Circuit en banc panel revived (by a 10-1 decision) a putative class action against Shopify, Inc. alleging violations of privacy and data rights via use of cookies. In reversing both the district...more
On March 3, 2025, the U.S. District Court for the Northern District of California issued a significant ruling that has the potential to broaden the risk of liability under the California Consumer Privacy Act (CCPA). ...more
On Monday, April 21, 2025, the U.S. Court of Appeals for the Ninth Circuit, sitting en banc, issued an opinion in Briskin v. Shopify, Inc., __ F.4th __ (9th Cir. Apr. 21, 2025), that plaintiffs will cite to attempt to expand...more
Two recent court decisions have provided businesses with long-awaited clarity on the reach of the California Invasion of Privacy Act (CIPA) – and could begin to redefine digital privacy litigation for the better. Two separate...more
Following our recent client alert, learn more about enforcement targeting website tracking technologies and the impact on organizations in 2025. Elliot Golding and David Saunders share further insights from working with...more
How could an obscure privacy law from 1988 majorly disrupt online video streaming as we know it and make tech giants like Meta and Netflix targets of class action lawsuits?...more
Morrison Foerster’s State and Local Government Task Force is pleased to provide our bimonthly newsletter summarizing some of the most important and interesting developments from State Attorneys General across the country and...more
A California federal court recently ruled that disclosure of certain data collected through website cookies that may qualify as health information could trigger a data breach under the California Consumer Privacy Act (CCPA) –...more
In the latest iteration of privacy claims, California plaintiffs have begun filing lawsuits against online retailers using online tracking technologies to collect IP addresses under a new theory—plaintiffs allege such...more
On March 18, 2024, the Office of Civil Rights (“OCR”) within the Department of Health and Human Services (“HHS”) updated prior guidance concerning the use of online tracking technologies, including cookies, by Covered...more
From October 3rd to 5th in Boston, the Attorney General Alliance (AGA) held a series of working group meetings focused on topics uppermost in the minds of state AGs: cybersecurity, organized retail crime (ORC) and cannabis....more
Earlier this month, the United States Department of Health and Human Services’ Office of Civil Rights (“OCR”), the organization that has jurisdiction over enforcement of the Health Insurance Portability and Accountability Act...more
In the tech space, the tools at our disposal and the associated terminology fluctuate more than the late, great Prince decided to change his stage name. This time up, the “Artist Formerly Known as Universal Analytics” had a...more
Recent decisions from the European Union (EU) have placed renewed focus on the use of common cookies used on ecommerce and other websites used by consumers and employees and transfers of personal data collected through...more
United Kingdom New Standard Contractual Clauses Submitted to Parliament - The United Kingdom has finalized its new International Data Transfer Agreement and Addendum to the new EU standard contractual clauses. Subject to...more
On 19 January 2022, the European Data Protection Board (EDPB) announced the outcomes of its plenary session that took place earlier this week. The EDPB adopted new guidelines that provide guidance on various aspects of data...more
The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a...more
The German Data Protection Conference (DSK) issued guidance on the Federal Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia (‘TTDSG’), which went into effect on December 1, 2021...more
France’s data protection authority (CNIL) has proved again its determination to continue its enforcement strategy by issuing some 30 new formal notices to comply with its new guidelines on cookies on December 14, 2021....more
Across the economy, businesses are using digital technology to pivot into innovative service lines, accelerate growth and transform their businesses altogether. These businesses’ digital strategies and data assets play...more
A cynical online commenter once wrote this about the data collection practices of the online news site Digg: “If you are not paying for it, you’re not the customer; you’re the product being sold.” This is true of almost...more
The Virginia Consumer Data Protection Act (CDPA) overwhelmingly passed both legislative chambers this month and is expected to be signed by the Governor in the coming weeks with an effective date of January 1, 2023. Best...more
The regulation of cookies and similar tracking technologies is rapidly evolving, not only in the European Union and United Kingdom but also in the United States and globally. If you have visited a website recently, you might...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more