No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
In April of this year, the California Privacy Protection Agency imposed a $632,500.00 monetary penalty on American Honda Motor Co. In our discussion of that action - Are Cookies Banners Crumbling? – we raised the alarm for...more
Websites are ubiquitous, and so are cookies and tracking pixels (a/k/a web beacons). A web browser uses cookies to store login details and preferences; the cookies also track and profile user behavior. When visiting a...more
A California bill aimed at curbing the explosion of lawsuits filed against businesses using common website tools like cookies, pixels, and session replay software has stalled out in the 2025 legislative session, meaning your...more
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
In a significant win for the defense, a California federal judge denied class certification in a California Invasion of Privacy Act (CIPA) suit alleging that AddShoppers and Peet’s Coffee unlawfully tracked website visitors...more
It’s 2025, and somehow, we’re still dealing with lawsuits over a law that was born in the pen registers and rotary phones era. That law, the California Invasion of Privacy Act (CIPA), a decades-old statute that’s suddenly...more
Orrick's Founder Series offers monthly top tips for UK startups on key considerations at each stage of their lifecycle, from incorporating a company through to possible exit strategies. The Series is written by members of our...more
Businesses just received some good news when a federal court dismissed a California Invasion of Privacy Act (CIPA) claim that aimed to expand the reach of the state’s wiretapping law to cover internet communications. The...more
Video game developer Ubisoft, Inc. came out on top earlier this month in the Northern District of California when a judge dismissed, with prejudice, a class action claiming that the company’s use of third-party website pixels...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff – someone who visits websites for purposes of initiating litigation – cannot bring a claim under the California Invasion of Privacy...more
In late March, an online retailer successfully asserted consent as a complete defense to a putative Pennsylvania Wiretapping and Electronic Surveillance Control Act of 1978 (WESCA) class action lawsuit, resulting in the...more
Recent months have seen a dramatic increase in demand letters and litigation targeting websites and mobile apps. These claims often allege privacy violations stemming from the use of various technologies such as chat bots,...more
An oft-discussed topic on this blog is the rise in lawsuits asserting illegal wiretapping claims against companies that use technology on their websites to track consumer interactions. Recently, a Pennsylvania federal judge...more
Almost every business has a website; every website should have a privacy policy, terms of use, and, in some cases, a consumer privacy rights notice—if certain state consumer privacy rights laws apply to your business, such as...more
Two recent court decisions have provided businesses with long-awaited clarity on the reach of the California Invasion of Privacy Act (CIPA) – and could begin to redefine digital privacy litigation for the better. Two separate...more
Following our recent client alert, learn more about enforcement targeting website tracking technologies and the impact on organizations in 2025. Elliot Golding and David Saunders share further insights from working with...more
In what appears to be a first-of-its-kind decision, a California federal court just granted class certification in a wiretapping claim brought against a website operator that used third-party technology to track users’...more
Countless hours are being spent categorizing cookies and other tracking technologies to work with consent management platforms, part of a purpose-built industry aiming to help companies deal with the increasingly complex and...more
Many people are thinking of holiday cookies at this time of year, but your favorite privacy lawyers are still thinking more about the non-delicious kind: those enabling common features on websites and online services. That’s...more
Businesses that use website tracking software to monitor activity for marketing purposes must comply with a growing list of state laws – but does that include a nearly 60-year-old Massachusetts law requiring consent to record...more
Businesses with a website beware: California regulators just warned that the law prohibits your website from making website users jump through hoops or otherwise confusing them as they try to exercise their privacy rights,...more
In a significant move to enhance consumer privacy and promote transparency in digital practices, the New York State Attorney General recently published two critical guides: “Website Privacy Controls: A Guide for Business” and...more
These lawsuits make generalized allegations that business websites use software or tools to collect various types of device and browsing information from website visitors and that businesses then share such information with...more
New York Attorney General Letitia James recently released guidance for businesses and consumers about website tracking technologies. The consumer guide provided examples of common cookies, tracking technologies, and how...more
Recently, the Office of the New York State Attorney General (OAG) issued an advisory warning business that website tracking technology may violate New York consumer protection laws, including the state’s Uniform Deceptive...more