Illinois

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Australian Privacy Regulator Commences Penalty Proceedings Against Medibank | Privacy World

Guidance on how Ofcom and the ICO intend to

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Singapore Publishes Generative AI Model Governance Framework | Privacy World

FCC Chair Proposes Investigation of Potential Disclosure Requirements for AI-Generated

Last week, the Illinois House of Representatives joined the Illinois Senate in passing amendments to the state’s Biometric Information Privacy Act (“BIPA”) to limit the scope of possible damages for violations of BIPA. As covered extensively here on PW, last year in Cothron v. White Castle, the Illinois Supreme Court held that an individual person accrues a separate statutory claim each time a defendant collects or discloses the individual’s biometric information in violation of BIPA. While the dissent in Cothron accurately observed that the combination of statutory damages and “per-scan” accrual meant that businesses could face “punitive, crippling liability . . . wildly exceeding any remotely reasonable estimate of harm,” the Cothron majority determined that “concerns about potentially excessive damage awards under the Act are best addressed by the legislature.”Continue Reading Illinois Legislature to Amend BIPA to Overrule Illinois Supreme Court Damages Decision

The Illinois Genetic Information Privacy Act, 410 ILCS 513/1, et seq. (“GIPA”), which was passed in 1998 and amended in 2008, had until recently received little attention from the plaintiffs’ bar. That changed last August, after a court granted certification in a federal GIPA class action involving alleged unauthorized disclosure of consumers’ genetic information to unknown third-party developers by a website that sold DNA analysis reports. See Melvin v. Sequencing, LLC, 344 F.R.D. 231, 233 (N.D. Ill. 2023). Over 50 GIPA cases were filed in 2023 alone in the wake of that ruling, with many more now pending in Illinois state and federal courts. As this litigation trend continues almost a year following the granting of class certification in Melvin, companies are asking: what is GIPA, are we subject to it, and what should we do to mitigate litigation risk?  Employers, insurance companies, and others that collect health- and genetic-related information should read on to learn more.Continue Reading Employers and Insurance Companies Continue To Be Targeted with Deluge of Claims Under the Illinois Genetic Information Privacy Act

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Notes from the Asia Pacific Region, December 2023 | Privacy World

Singapore to Amend Cybersecurity Law | Privacy World

The

On November 30, 2023, the Illinois Supreme Court unanimously held that an exclusion in the Illinois Biometric Information Privacy Act applies to healthcare workers where their biometric information is collected, used, or stored in the course of providing medical services.  The holding is a significant victory for healthcare institutions and clarifies that the applicable exemption

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

India Welcomes Landmark Data Protection Law | Privacy World

Join Us Live in Washington DC on September 19: Avoiding Litigation

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

The French CNIL’s New Guidance on Whistleblowing | Privacy World

SEC Adopts Final Cybersecurity Risk Management and Incident Disclosure Regulations

Earlier this week, the Illinois Supreme Court denied a petition for rehearing of its decision in Cothron v. White Castle, a case which has tremendous implications on the effect of Illinois’s Biometric Information Privacy Act (“BIPA”). As previously covered here on PW, the Court’s decision in February concluded that that each separate incident which is a violation of BIPA constitutes a distinct and separately actionable violation of the statute. In other words, plaintiffs may seek to collect liquidated damages per violation—$1,000 per violation, $5,000 per intentional/reckless violation—instead of per plaintiff, even if a plaintiff alleges daily violations over the course of years. This week’s ruling leaves in place the Cothron decision and its exponential expansion of the scope of damages that may be sought by an individual plaintiff.Continue Reading Illinois Supreme Court Refuses to Reconsider Decision That BIPA Claims Accrue Individually with Each Violation

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Data Protection Impact Assessments: Are You Ready? | Privacy World

Introducing Our AI Webinar Series | Privacy World

Scott Warren