Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Der gläserne Leser - Wie Tracking-Dienste Leser von E-Books analysieren
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
The Ninth Circuit court of appeals reviewed three separate proposed class actions against Papa John’s International Inc., Converse Inc., and Bloomingdale’s, all centered on whether certain website tracking activities violated...more
In a significant win for the defense, a California federal judge denied class certification in a California Invasion of Privacy Act (CIPA) suit alleging that AddShoppers and Peet’s Coffee unlawfully tracked website visitors...more
Readers of this blog are aware of the barrage of California Invasion of Privacy (“CIPA”) claims brought against online companies. Recently, an unfavorable decision from the Ninth Circuit Court of Appeals (“Ninth Circuit”)...more
A national leader in privacy law, California was among the first states to include an express right to privacy in its constitution, create a data breach notification law, and codify robust consumer data protections. ...more
In a significant decision for privacy class action litigation, a federal judge in California recently denied the certification of a proposed class action involving claims under the state’s invasion of privacy law. The May 29...more
Video Privacy Protection Act (VPPA) class action lawsuits have been on the rise, and the owner of the The Onion, a popular satire site, finds itself the subject of a recent one. On May 16, 2025, a plaintiff-initiated...more
Over the last several years, California appellate courts have begun to align the threshold standing analysis under California law with the federal Article III standing requirements, presenting an emergingly viable...more
CYBERSECURITY - U.S. Retailers Bracing for Scattered Spider Attacks - Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been...more
A California federal court just certified a significant class action involving allegations that a health-tracking app improperly shared sensitive health information with third parties without user consent. The court’s May 22...more
On April 21, 2025, the United States Court of Appeals for the Ninth Circuit, sitting en banc, issued a decision in Briskin v. Shopify, Inc. substantially broadening the exercise of personal jurisdiction over online businesses...more
Financial institutions that use code-based tracking technologies may soon find themselves facing increased scrutiny and legal exposure as the next wave of class action litigation begins. On December 19, 2024, a member of...more
In an earlier piece, we discussed the increase in recently-filed California Invasion of Privacy Act (“CIPA”) TikTok trap and trace device lawsuits. Generally, TikTok trap and trace actions allege that the use of TikTok...more
Key Takeaways - - At least four courts have now held that retailers using email for marketing are not considered “communication service providers” and therefore are not subject to TUCSRA. - At least five courts have now held...more
Wild, wild, west? Web tracking may be the new frontier in class action litigation. With thousands of lawsuits filed in California and increasingly in other states against organizations, including many who may not realize the...more
In a prior alert, we predicted an uptick in class action complaints brought under the California Invasion of Privacy Act (CIPA) alleging that modern website analytical tools such as pixels, cookies and session replay software...more
Enacted in 1988, the Video Privacy Protection Act (VPPA) was intended to regulate the then-booming videotape industry by limiting how video rental and sales data is disclosed. The law was enacted in direct response to the...more
On April 21, 2025, a Ninth Circuit en banc panel revived (by a 10-1 decision) a putative class action against Shopify, Inc. alleging violations of privacy and data rights via use of cookies. In reversing both the district...more
Two recent decisions from the Northern District of California—Shah v. Capital One Financial Corp., No. 24-cv-05985-TLT, 2025 WL 714252 (N.D. Cal. Mar. 3, 2025), and M.G. v. Therapymatch, Inc., No. 23-cv-04422-AMO, 2024 WL...more
Well-drafted and enforceable terms of use are an essential risk management tool for any business, particularly e-commerce sellers and online service providers. Despite their importance, however, terms of use are often...more
On March 3, 2025, the U.S. District Court for the Northern District of California issued a significant ruling that has the potential to broaden the risk of liability under the California Consumer Privacy Act (CCPA). ...more
Companies doing business in California continue to face a surge in privacy-related complaints and lawsuits under the California Invasion of Privacy Act (CIPA), a 1960s-era law designed to prevent unlawful telephone...more
Businesses need to remain vigilant regarding recent developments in consumer-based data privacy class actions. In recent weeks, the plaintiff class action bar has filed several lawsuits against The Trade Desk Inc. related to...more
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
Yahoo’s ConnectID is a cookieless identity solution that allows advertisers and publishers to personalize, measure, and perform ad campaigns by leveraging first-party data and 1-to-1 consumer relationships. ConnectID uses...more
Readers of this blog know about the never-ending barrage of consumer privacy litigation commenced against online companies in connection with their collection of consumer data. Several of these cases have recently been filed...more