Data Privacy

This year, Congress is steadily progressing towards enacting meaningful legislation on artificial intelligence (AI) for the first time. At the end of 2023, Senate Majority Leader Chuck Schumer (D-NY) and his “Gang of Four” (Senators Todd Young (R-IN), Martin Heinrich (D-NM), and Mike Rounds (R-SD)) concluded their AI Insight Forums, a series of sessions where

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Newly Issued Guidelines on Standard Contracts for Cross-boundary Data Flow Within the Greater Bay Area (i.e., Hong Kong, Macau and

The Consumer Financial Protection Bureau (the “CFPB”) recently issued a Notice of Proposed Rulemaking to implement Section 1033 of the Dodd-Frank Act (“Section 1033”). Section 1033 generally requires covered persons to make information concerning a financial product or service that a consumer has obtained from such person available to the consumer, subject to CFPB rulemaking.

The rule recently proposed by the CFPB to implement Section 1033 (the “Proposed Rule”) would require that certain entities make transaction and other account data more readily available to consumers and authorized third parties. It also would impose privacy and information security obligations and limitations on these entities, as well as on third parties authorized to collect and use that data. These requirements and limitations are discussed in more detail below.Continue Reading CFPB Issues Notice of Proposed Rulemaking on Open Banking

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Kyle Fath to Discuss California DELETE Act and Data Brokers on NAI Panel on Wednesday, December 13 | Privacy World

In a decision last week, the Ninth Circuit Court of Appeals affirmed dismissal of a putative class action concerning allegations that Shopify violated various California privacy and unfair competition laws by purportedly concealing its involvement in online consumer transactions.  Briskin v. Shopify, Inc., No. 22-15815, 2023 WL 8225346 (9th Cir. Nov. 28, 2023).  In

Earlier this fall, the Fourth Circuit vacated the district court’s class certification order in the Marriott data breach MDL because of the potential applicability of a class action waiver defense. See In re Marriott Int’l Consumer Data Security Breach Litig., 78 F.4th 677 (4th Cir. 2023). Our post on this decision can be found here. On remand, the district court took little time to conclude that Marriott had waived the class action waiver in the Choice of Law and Venue provision of the putative class members’ contracts and that regardless “the adhesive provision, buried on the last page of the Terms cannot direct this Court to ignore the provisions of Rule 23 of the Federal Rules of Civil Procedure.”  In re Marriott Int’l Consumer Data Security Breach Litig., 2023 WL 8247865 (D. Md. Nov. 29, 2023). The district court thus reinstated the classes as earlier certified.Continue Reading District Court Quickly Reinstates Class Certification in Marriott Data Breach Litigation

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Privacy Challenges for Digital Advertising, Particularly in Europe

The Online Safety Act: Does this present a difficult balancing act for

Last week, the Attorney General for California filed a notice of appeal to overturn a federal court ruling that the state’s Age-Appropriate Design Code Act (“CAADCA”) likely violates the First Amendment.  The appeal will put the constitutionality of California’s act before the Court of Appeals for the Ninth Circuit.

Following unanimous votes by the California

The federal Video Privacy Protection Act (“VPPA”) is one of the most frequently litigated data privacy statutes. This month, a California federal court dismissed VPPA claims brought against Hershey, making clear that VPPA liability does not extend to all websites with playable video clips. Rodriguez v. The Hershey Company, et al., No. 3:23-cv-00398-L-DEB, 2023 WL

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Registration Open for In-Person CLE: The Important Role Legal Plays in an Era of Growing Data Risks – Key Findings