Since October 1, 2022, new obligations relating to the warranties of conformity and of hidden defects, as well as new warranties for digital content and services, have come into force and require the update of the consumer Terms and Conditions.

Context

The changes were made by the decree n°2022-946 of June 29, 2022, “relating to the statutory warranty of conformity for goods, digital content and digital services,” which came into effect on October 1, 2022.

This decree revises and completes the regulatory provisions of the French consumer code following the reform carried out by Ordinance No. 2021-1247 of September 29, 2021, which transposed European Directives (EU) 2019/770 “on certain aspects concerning contracts for the supply of digital content and digital services” and (EU) 2019/771 “on certain aspects concerning contracts for the sale of goods.”

The objective of these texts is to modernize the statutory warranty of conformity and consumer contracts to strengthen consumer protection and create a statutory warranty for the provision of digital content or digital services.

Continue Reading Have You Updated Your French B2C T&Cs Yet?

In February of this year, Federal Communications Commission (“FCC”) Chairwoman Jessica Rosenworcel announced that she had submitted a proposal to her colleague Commissioners to regulate “ringless voicemails” to wireless phones under the Telephone Consumer Protection Act (“TCPA”). She noted that “‘[r]ingless voicemail can be annoying, invasive, and can lead to fraud like other robocalls—so it should face the same consumer protection rules…’” The proposal would require that “callers to obtain a consumer’s consent before delivering a ‘ringless voicemail,’ a message left in their mailbox without ringing their cell phone.”

On November 21, 2022, the FCC released a unanimous Declaratory Ruling and Order (“Ruling”) finding that “‘ringless voicemail’ to wireless phones requires consumer consent because it is a ‘call’ made using an artificial or prerecorded voice and thus is covered by section 227(b)(1)(A)(iii) of the 1991 Telephone Consumer Protection Act…” The FCC acted even though All About the Message (“AATM”), who filed the initial petition arguing for various reasons that the TCPA did not apply to ringless voicemail, filed a letter to withdraw the request. The agency noted “substantial attention from commenters, and members of Congress, and the applicability of the TCPA to ringless voicemail technology has been the subject of considerable recent litigation…” warranted addressing the issue. Indeed, the FCC’s Consumer and Governmental Affairs Bureau received over 8,000 comments and replies in connection with the AATM petition, almost all in opposition.

The FCC declared that AATM’s ringless voicemail technology was a “call” under the TCPA for the same reasons that the FCC found in 2015 that computer-generated text messages sent to a carrier’s text server were calls for TCPA purposes. The fact that the “calls” were directed to the consumer’s wireless telephone number was a key fact – “the telephone number assigned to a consumer’s wireless phone and associated with the voicemail account is a necessary and unique identifier for the consumer in the ringless voicemail context.” The agency concluded that its Ruling is consistent with the ordinary meaning of “call” and the legislative history and purpose of the TCPA. 

Among other things, the Commission rejected the AATM argument that ringless voicemail is “non-invasive.” The agency’s Ruling noted: “As the commenters and complainants explain, consumers cannot block these messages and consumers experience an intrusion on their time and their privacy by being forced to spend time reviewing unwanted messages in order to delete them. The consumer’s phone may signal that there is a voicemail message and may ring once before the message is delivered, which is another means of intrusion. Consumers must also contend with their voicemail box filling with unwanted messages, which may prevent other callers from leaving important wanted messages.”

The Ruling, which became effective on its release, applies to “any entity that provides ringless voicemail using the end user’s mobile telephone number to direct the ringless voicemail message to a mailbox associated with the end user’s mobile phone.”

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Federal Court Dismisses Biometric Privacy Class Action Brought Against University, On Basis It Was a Regulated “Financial Institution”

Recent BIPA Opinion Illustrates Continued Uncertainty Underlying Core Issues in Biometric Privacy Class Action Litigation

Federal Court Rules in Favor of LinkedIn’s Breach of Contract Claim after Six Years of CFAA Data Scraping Litigation

CPW’s Kristin Bryan, Scott Warren, and James Brennan to Speak at Conference on Data Privacy, Cybersecurity, and Governance, Risk & Compliance

Federal Court Sanctions Company for Spoilation of Evidence Over Arguments Data Settings Changed to Comply with CCPA and ISO Requirements

Ed Tech Company’s Four Data Breaches in Three Years Leads to FTC Enforcement Action

The California Privacy Protection Agency (CPPA) Releases California Privacy Rights Act (CPRA) Modified Regulations for Public Comment

The California Privacy Protection Agency (CPPA) Decides on a Roadmap for Revised California Privacy Rights Act (CPRA) Regulations

Burn After Reading… Data Retention Compliance

For almost four years now, attorneys have remained relentless in their quest to extend the outer boundaries of the Illinois Biometric Information Privacy Act (BIPA) as far as courts are willing to allow. During this period, many defendants have struggled with procuring dismissals of BIPA class claims.

One particular defense, however, has developed into an extremely robust tool for companies engaged in biometric privacy class suits: BIPA’s “financial institution” exemption. Contrary to what its name suggests, the benefits of this entity-level carve-out extend to a range of entities well beyond traditional banks and financial institutions. A recent BIPA opinion issued by a Northern District of Illinois court demonstrates the expansive scope of the exemption and provides several key takeaways for defendants to defend against—and outright defeat—BIPA claims at a time when biometric privacy class action exposure continues to grow.

Continue Reading Federal Court Dismisses Biometric Privacy Class Action Brought Against University, On Basis It Was a Regulated “Financial Institution”

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Recent BIPA Opinion Illustrates Continued Uncertainty Underlying Core Issues in Biometric Privacy Class Action Litigation | Consumer Privacy World

Federal Court Rules in Favor of LinkedIn’s Breach of Contract Claim after Six Years of CFAA Data Scraping Litigation | Consumer Privacy World

CPW’s Kristin Bryan, Scott Warren, and James Brennan to Speak at Conference on Data Privacy, Cybersecurity, and Governance, Risk & Compliance | Consumer Privacy World

Federal Court Sanctions Company for Spoilation of Evidence Over Arguments Data Settings Changed to Comply with CCPA and ISO Requirements | Consumer Privacy World

Ed Tech Company’s Four Data Breaches in Three Years Leads to FTC Enforcement Action | Consumer Privacy World

The California Privacy Protection Agency (CPPA) Releases California Privacy Rights Act (CPRA) Modified Regulations for Public Comment | Consumer Privacy World

The California Privacy Protection Agency (CPPA) Decides on a Roadmap for Revised California Privacy Rights Act (CPRA) Regulations | Consumer Privacy World

Burn After Reading… Data Retention Compliance | Consumer Privacy World

NOW AVAILABLE: Practical Guidance Podcast on “BIPA and Forthcoming Changes to Biometric Privacy Laws” ft. CPW’s Kristin Bryan | Consumer Privacy World

CPW’s Kristin Bryan Interviewed by the Washington Post Regarding the FTC’s Focus on Cybersecurity | Consumer Privacy World

Third Circuit Denies Rehearing En Banc, Amends Opinion in Key Pennsylvania Wiretap Case Over Internet Third-Party Marketing | Consumer Privacy World

California Appellate Court In Ruling of First Impression Affirms Denial of Class Certification in Data Breach Involving Confidential Medical Information | Consumer Privacy World

When AI-powered Tools Bring (EU) Privacy Troubles – Biometric Templates Identify First | Consumer Privacy World

Security Breach Results in FTC Action, With Accompanying Executive Liability | Consumer Privacy World

Chamber of Commerce Challenges CFPB Anti-Bias Focus Concerning AI | Consumer Privacy World

While the Illinois Biometric Information Privacy Act (BIPA) remains one of the hottest areas of class action litigation today, many core issues underlying BIPA disputes remain unsettled and uncertain at this time. And as the recent decision by the Northern District of Illinois in Kukovec v. Estee Lauder Co., Inc., No. 22 CV 1988, 2022 U.S. Dist. LEXIS 202212 (N.D. Ill. Nov. 7, 2022) shows, courts are often in disagreement on many of these key matters—underscoring the need for compliance with the statutory requirements of the Illinois biometrics law.  

Plaintiff Kukovec used a makeup try-on tool (“VTO Tool”) on the website of Too Faced Cosmetics, owned by Estee Lauder. The plaintiff claimed that the VTO Tool collected her facial geometry in violation of Sections 15(a) and (b) of BIPA. Estee Lauder subsequently moved to dismiss the complaint based on (among other things) the existence of an agreement to arbitrate and failure to plead a cognizable claim.

Continue Reading Recent BIPA Opinion Illustrates Continued Uncertainty Underlying Core Issues in Biometric Privacy Class Action Litigation

We have been covering the hiQ-LinkedIn data-scraping saga for several years now on CPW. (See previous posts here, here, here, and here).

After well-publicized litigation that made its way to the Supreme Court and back again, the United States District Court for the Northern District of California ruled[1] that the provisions of a website user agreement that prohibit anti-scraping and fake profiles are enforceable in a breach of contract claim. Businesses should take note and ensure that their own conduct enforces their terms and conditions in order to prevent violators from successfully claiming affirmative defenses. If a business knows of a violation, and wants to have enforceable terms, it should pursue remedying that violation.

Continue Reading Federal Court Rules in Favor of LinkedIn’s Breach of Contract Claim after Six Years of CFAA Data Scraping Litigation

CPW’s Kristin BryanScott Warren, and James Brennan will be key speakers at the Global Legal ConfEx on “GRC, Data Privacy & Cyber Security” on Thursday, November 17, 2022, in San Francisco.  

Continue Reading CPW’s Kristin Bryan, Scott Warren, and James Brennan to Speak at Conference on Data Privacy, Cybersecurity, and Governance, Risk & Compliance

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Federal Court Sanctions Company for Spoilation of Evidence Over Arguments Data Settings Changed to Comply with CCPA and ISO Requirements | Consumer Privacy World

Ed Tech Company’s Four Data Breaches in Three Years Leads to FTC Enforcement Action | Consumer Privacy World

The California Privacy Protection Agency (CPPA) Releases California Privacy Rights Act (CPRA) Modified Regulations for Public Comment | Consumer Privacy World

The California Privacy Protection Agency (CPPA) Decides on a Roadmap for Revised California Privacy Rights Act (CPRA) Regulations | Consumer Privacy World

Burn After Reading… Data Retention Compliance | Consumer Privacy World

NOW AVAILABLE: Practical Guidance Podcast on “BIPA and Forthcoming Changes to Biometric Privacy Laws” ft. CPW’s Kristin Bryan | Consumer Privacy World

CPW’s Kristin Bryan Interviewed by the Washington Post Regarding the FTC’s Focus on Cybersecurity | Consumer Privacy World

Third Circuit Denies Rehearing En Banc, Amends Opinion in Key Pennsylvania Wiretap Case Over Internet Third-Party Marketing | Consumer Privacy World

California Appellate Court In Ruling of First Impression Affirms Denial of Class Certification in Data Breach Involving Confidential Medical Information | Consumer Privacy World

When AI-powered Tools Bring (EU) Privacy Troubles – Biometric Templates Identify First | Consumer Privacy World

Security Breach Results in FTC Action, With Accompanying Executive Liability | Consumer Privacy World

Chamber of Commerce Challenges CFPB Anti-Bias Focus Concerning AI | Consumer Privacy World

 

A federal court recently sanctioned defendants for spoilation of evidence in litigation. In doing so, the Court rejected the Defendant’s argument that they changed their data settings in good faith to align with the California Consumer Privacy Act of 2018 (“CCPA”) and the International Standard of Operation Compliance (“ISO”). 2022 U.S. Dist. LEXIS 178233 (N.D. Ohio Sep. 29, 2022). Read on to learn more.

Continue Reading Federal Court Sanctions Company for Spoilation of Evidence Over Arguments Data Settings Changed to Comply with CCPA and ISO Requirements