Cookies

For years, one of the most frequently litigated privacy laws has been the Video Privacy Protection Act (“VPPA”), 18 U.S.C. § 2710, a federal statute enacted in 1988 in response to the disclosure of then-Supreme Court nominee Robert Bork’s videotape rental history by a video store to a reporter, who published the list.  Despite its analogue origins, this decades-old statute has been used by the plaintiff’s bar (incentivized by the VPPA’s $2,500 per violation liquidated damages provision) in putative class action litigation brought against any business whose website contains playable videos and third-party cookies.

This past year, there were several significant court rulings in litigation under the VPPA.  These decisions addressed hotly contested VPPA elements while also laying the foundation for a potential circuit split.  Squire Patton Boggs’ globally ranked “Elite” Data Disputes team is well experienced defending businesses and their data practices, including in the realm of VPPA litigation and (mass) arbitration.  In this article, informed by our practical experience litigating and arbitrating VPPA cases, we: (I) provide a brief primer on VPPA elements and litigation theories, (II) cover a Second Circuit decision, and other district court decisions, on the definition of personally identifiable information under the VPPA (III) address decisions from the Sixth, Seventh, and D.C. Circuits on the scope of persons who can bring VPPA claims, and (V) give an update on a recent Eighth Circuit decision regarding which businesses are subject to the VPPA.  These areas are all likely to bear upon VPPA claims and ongoing litigation in 2026, making this a must read for in-house counsel and practitioners in this space.Continue Reading 2025 Video Privacy Protection Act Litigation Year in Review

Mass arbitrations—where a plaintiffs’ firm brings dozens, hundreds, or thousands of identical claims against a business—is a mechanism increasingly relied upon by the plaintiffs’ bar in the past few years.  This is because mass arbitrations enable a plaintiffs’ firm to create settlement pressure by leveraging unavoidable arbitration fees borne by a business regardless of the merits of the claims filed.  Further powered by litigation funding, plaintiffs’ firms have used the mass arbitration device to bring vexatious claims and escape review of the merits or any downside risk.Continue Reading 2025 Mass Arbitration Year in Review

Each year, the French data protection authority, “CNIL”, conducts hundreds of investigations (345 in 2022) on the basis of complaints received, notification of data breaches, information conveyed by press or other media, but also annual priority topics set by the CNIL. These topics are the following for 2023.
Continue Reading Priority Topics for French CNIL Investigations in 2023: “Smart” Cameras, Mobile Apps, Bank and Medical Records

Kyle Dull (Senior Associate, New York/Miami) will speak on Friday, September 16, at the Association of Corporate Counsel (ACC) South Florida Chapter’s 12th Annual CLE Conference, “Casino Royale: Accepting the In-House Mission.” Kyle’s aptly named panel, “For Your Eyes Only: Dealing with Security Risks, New Privacy Laws, and Vendor Management,” will cover the current

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

CJEU Rules Consumer Associations Can File Data Infringement Class Actions Without a Consumer Mandate

CPW’s Scott Warren Joins Faculty

Members of the globally recognized Squire Patton Boggs (US) LLP’s Data Privacy, Cybersecurity & Digital Assets Practice gathered in Washington, DC, to participate in person at the IAPP Global Privacy Summit (“GPS 2022”). The Practice has experienced tremendous growth in the past twelve months under the leadership of Alan Friel. The full contingency of

On Tuesday, April 5, CPW’s Alan Friel joined forces with Rebecca Perry, Director of Strategic Partnerships at Exterro, to share their expertise during the “Preparing for 2023 – Tools and Tips to Be Ready for New US Privacy Laws” webinar hosted by Global Data Review.

During this one-hour long virtual session, the duo discussed

The UK’s Competition and Markets Authority (“CMA”), Information Commissioner’s Office (“ICO”) and Google have agreed legally binding commitments from Google on the development of its Privacy Sandbox proposals.

These proposals relate to the removal of third-party cookies – to be phased out by 2023 – in the Chrome browser and Chromium browser engine, which will

On February 2, 2022, the Belgian Data Protection Authority (the ‘Belgian DPA’) imposed a number of sanctions against Interactive Advertising Bureau Europe (‘IAB Europe’), for alleged violations of the EU General Data Protection Regulation (the ‘GDPR’) by its Transparency and Consent Framework (the ‘TCF’).

TCF is developed by IAB Europe, in partnership with IAB Tech

In case you missed it, below is a summary of recent posts from CPW.  Please feel free to reach out if you are interested in additional information on any of the developments covered.

2021 Year in Review: Data Breach and Cybersecurity Litigations | Consumer Privacy World

2021 Year in Review: Financial Privacy Litigation and Developments