Data Privacy

District Court Quickly Reinstates Class Certification in Marriott Data Breach Litigation

By Amy Doolittle & Katy Spicer on December 6, 2023

Posted in Class Action, Data Breach, Data Privacy

Earlier this fall, the Fourth Circuit vacated the district court’s class certification order in the Marriott data breach MDL because of the potential applicability of a class action waiver defense. See In re Marriott Int’l Consumer Data Security Breach Litig., 78 F.4th 677 (4th Cir. 2023). Our post on this decision can be found here. On remand, the district court took little time to conclude that Marriott had waived the class action waiver in the Choice of Law and Venue provision of the putative class members’ contracts and that regardless “the adhesive provision, buried on the last page of the Terms cannot direct this Court to ignore the provisions of Rule 23 of the Federal Rules of Civil Procedure.” In re Marriott Int’l Consumer Data Security Breach Litig., 2023 WL 8247865 (D. Md. Nov. 29, 2023). The district court thus reinstated the classes as earlier certified.Continue Reading District Court Quickly Reinstates Class Certification in Marriott Data Breach Litigation

Privacy World Week in Review

By Kristin Bryan on November 20, 2023

Posted in Artificial Intelligence, Artificial Intelligence Act (AIA), China, Compliance, Content Moderation, Cybersecurity, Data Breach, Data Privacy, Digital Advertising, Digital Markets, EU, Events, Federal Trade Commission (FTC), France, French National Commission on Informatics and Liberty (CNIL), General Data Protection Regulation (GDPR), Interest-Based Advertising (“IBA”), Japan, Litigation, Online Safety Act ("OSA"), Social Media, UK, UK Online Safety Bill, Webinar

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Privacy Challenges for Digital Advertising, Particularly in Europe

The Online Safety Act: Does this present a difficult balancing act for…

California Attorney General Appeals Federal Court Ruling That Online Child Safety Act Is Likely Unconstitutional

By Kristin Bryan, Alan Friel, Kyle Fath & James Brennan on October 23, 2023

Posted in California, Data Privacy, Litigation, Privacy Litigation, US

Last week, the Attorney General for California filed a notice of appeal to overturn a federal court ruling that the state’s Age-Appropriate Design Code Act (“CAADCA”) likely violates the First Amendment. The appeal will put the constitutionality of California’s act before the Court of Appeals for the Ninth Circuit.

Following unanimous votes by the California…

Court Dismisses Video Privacy Claims Brought Against Candy Company, Making Clear VPPA Liability Does Not Extend To All Websites With Video Content

By Kristin Bryan & James Brennan on October 19, 2023

Posted in Data Privacy, Litigation, Video Privacy Protection Act (VPPA)

The federal Video Privacy Protection Act (“VPPA”) is one of the most frequently litigated data privacy statutes. This month, a California federal court dismissed VPPA claims brought against Hershey, making clear that VPPA liability does not extend to all websites with playable video clips. Rodriguez v. The Hershey Company, et al., No. 3:23-cv-00398-L-DEB, 2023 WL…

Privacy World Week in Review

By Kristin Bryan on October 16, 2023

Posted in Artificial Intelligence, California, California Age-Appropriate Design Code Act (“CAADCA”), CCPA, China, Compliance, Cybersecurity, Data Privacy, Events, Federal Trade Commission (FTC), Health, Washington, Wiretapping

Registration Open for In-Person CLE: The Important Role Legal Plays in an Era of Growing Data Risks – Key Findings…

Registration Open for In-Person CLE: The Important Role Legal Plays in an Era of Growing Data Risks – Key Findings From the 2023 ACC CLO Report

By Squire Patton Boggs on October 16, 2023

Posted in Compliance, Data Breach, Data Privacy, Events, General, Litigation

According to the 2023 ACC CLO Survey, legal teams are facing unique and growing data-related challenges in this ever-changing regulatory and threat landscape. Data requirements for privacy and compliance continue to become more complex and confusing and the risk of resulting litigation continues to rise.

Team SPB will partner with Exterro, a leading e-discovery…

China Releases Draft Regulation to Significantly Ease Cross-border Data Transfers

By Lindsay Zhu & Scott Warren on October 2, 2023

Posted in China, China’s Personal Data Export Standard Contract, Cybersecurity, Data Privacy

On September 28, 2023, the Cyberspace Administration of China proposed draft regulations, the Regulations on Regulating and Facilitating Cross-border Data Flow (Draft Regulations), seeking public comment. If adopted, it will significantly reduce the restrictions on cross-border data transfers from China. This is a material effort by China to improve free data flows and an implementation of the “whitelist” mentioned under the 24 provisions for attracting foreign investment published in August 2023.Continue Reading China Releases Draft Regulation to Significantly Ease Cross-border Data Transfers