Photo of Rafael Langer-Osuna

Rafael Langer-Osuna

Although data breaches and data breach litigation are not rare, trials concerning the appropriate response to cybersecurity incidents are.  For this reason many, particularly those involved with incident response, have been keeping a close eye on a federal trial underway in Missouri.  The case involved a law firm sued by its former client, an insurance

Data breach litigation continues to expand with each new state law passed to regulate data storage and disclosures. This context poses particular challenges for protecting the attorney-client privilege and work-product doctrine.  In the wake of cybersecurity, data breach, or data disclosure incident, it is routine to retain outside counsel and third-party forensic experts to investigate.

Data breach litigation continues to expand with each new state law passed to regulate data storage and disclosures. This context poses particular challenges for protecting the attorney-client privilege and work-product doctrine.  In the wake of cybersecurity, data breach, or data disclosure incident, it is routine to retain outside counsel and third-party forensic experts to investigate.

2021 was another record setting year for the California Consumer Privacy Act (“CCPA”).  Read on for CPW’s highlights of the year’s most significant events concerning CCPA litigation, as well as our predictions for what 2022 may bring.

2020 Recap: The CCPA Comes Into Effect

The CCPA went into effect on January 1, 2020.  It regulates

2021 was another year of high activity in the realm of data event and cybersecurity litigations with several noteworthy developments.  CPW has been tracking these cases throughout the year.  Read on for key trends and what to expect going into the 2022.

Recap of Data Breach and Cybersecurity Litigations in 2020

2021 heralded several developments

Meta, the parent company of Facebook, has sued Hong Kong based Social Data Trading Ltd. for scraping data from millions of Instagram and Facebook profiles.  Meta alleges that after it blocked Instagram and Facebook access to Social Data Trading, the company continued to surreptitiously pull profile information from both websites.   Meta alleges that Social Data

Earlier this year, CPW covered the Colonial Pipeline cyberattack and the two putative class actions filed in reaction to that cyberattack, (Dickerson v. CDCP Colonial Partners, L.P., Case No. 1:21-cv-02098 (N.D. Ga.) and EZ Mart 1, LLC v. Colonial Pipeline Company, Case No. 1:21-cv-02522 (N.D. Ga.)).  Recall these putative class actions

As CPW’s Kristin Bryan and Rafael Langer-Osuna cover in depth at Law360, one developing area of the law that sends shivers down the spine of data breach litigators is a growing number of federal courts holding that the attorney-client and work product privilege do not apply to internal investigatory reports and related communications.  As

Last week the Supreme Court’s decision in Van Buren v. United States resolved a decade-long circuit split concerning the “exceeds authorized access” clause of the Computer Fraud and Abuse Act (“CFAA”).  Taking up the issue of whether an individual who has legitimate access to a computer network but accesses it for an improper or