2022 was another year of high activity and significant developments in the realm of artificial intelligence (“AI”) and biometric privacy related matters, including in regard to issues arising under the Illinois Biometric Information Privacy Act (“BIPA”) and others. This continues to be one of the most frequently litigated areas of privacy law, with several notable rulings and emerging patterns of new activity by the plaintiffs’ bar. Following up on Privacy World’s Q2 and Q3 2022 Artificial Intelligence & Biometric Privacy Quarterly Newsletters, be sure to read on for a recap of key developments and insight as to where 2023 may be headed.
Continue Reading Privacy World 2022 Year in Review: Biometrics and AI
Injury in Fact
CPW Week in Review
In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
CPW’s Shea Leitch and Kyle Dull to Speak at ACC South Florida’s 12th Annual CLE Conference
CPW’s Kristin Bryan, Jesse Taylor and Shing Tse Co-Author Chapter for Lexis Practical Guidance on Privacy, Cybersecurity and Data Breach Litigation: Key Laws and Considerations
CPW’s Kristin Bryan, a 2022 Law360 Privacy & Cybersecurity MVP as well as a featured subject matter expert for LexisNexis, Jesse Taylor and Shing Tse teamed up to co-author a chapter of the Lexis Practical Guidance titled “Privacy, Cybersecurity and Data Breach Litigation: Key Laws and Considerations”. In this practice…
Federal Court Clarifies the Article III Standing Requirement for FDCPA Violations
A Seventh Circuit district court recently clarified that a Fair Debt Collection Practice (“FDCPA”) plaintiff may not satisfy Article III’s injury-in-fact requirement by alleging confusion and aggravation, even where a complaint generally alleges actual damages.
In Suxstorf v. Portfolio Recovery Assocs. LLC, Plaintiff brought claims under the FDCPA, 15 U.S.C. § 1692e against Defendant, Portfolio Recovery Associates LLC, a debt collector. In connection with an outstanding debt, Defendant sent Plaintiff a “permanent hardship” letter, in which Defendant offered to pause or cease its collection efforts upon a showing of permanent hardship. Defendant attached to the letter a “Permanent Hardship Request Form,” in which it requested certain consumer information to evidence permanent hardship, including: the consumer’s date of birth, the last four digits of the consumer’s Social Security number, the consumer’s employment status, whether the consumer is receiving unemployment benefits, whether the consumer is receiving Social Security benefits or any other financial assistance from the government, any other sources of income and a description of any financial hardship and the duration of that hardship.
Plaintiff alleged that Defendant’s request for such information was under false pretenses and that the actual purpose of requesting the information was to determine whether to bring suit against the consumer based on the information obtained from the permanent hardship letter. Plaintiff alleged that this practice violated, among other statutes, the FDCPA, 15 U.S.C. § 1692e(10), which prohibits a debt collector from using “any false representation or deceptive means to collect or attempt to collect any debt or to obtain information concerning a consumer.” 15 U.S.C. § 1692e(10). Plaintiff alleges that he was confused and misled by the letter and that he was required to spend time and money investigating the letter and the consequences of his response. Continue Reading Federal Court Clarifies the Article III Standing Requirement for FDCPA Violations
T-Mobile Agrees in MDL to Record Setting $350 Million Data Breach Settlement to Resolve CCPA and Other Privacy Claims
In a record-setting proposed settlement filed last week, T-Mobile has agreed to pay $350 million and boost its data security by $150 million over the next two years to resolve multidistrict litigation brought by T-Mobile customers whose data was allegedly exposed in a 2021 data breach. Read on for the terms of the settlement, which may serve as a model in other high stakes data security cases going forward.
Recall that in August 2021, T-Mobile disclosed that it had been the victim of a cyberattack that resulted in the compromise of some current, former and prospective customers’ SSN, name, address, date of birth and driver’s license/ID information the “Data Event”). By T-Mobile’s account, no “customer financial information, credit card information, debit or other payment information” was exposed in the attack. Nevertheless, over 40 putative class action claims were filed seeking damages for the improper disclosure of Plaintiffs’ personal information. In December 2021, the Judicial Panel on Multidistrict Litigation transferred and centralized the putative class actions into the MDL standing before the Western District of Missouri.Continue Reading T-Mobile Agrees in MDL to Record Setting $350 Million Data Breach Settlement to Resolve CCPA and Other Privacy Claims
CPW Week in Review
In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
FTC Emphasizes Commitment to Protection of Highly Sensitive Data
Federal and State Actions to Protect Robocall Invasion of Consumer…
CPW Week in Review
In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
NOW AVAILABLE CPW’s Kristin Bryan and Glenn Brown on The Fraudian Slip Podcast ITRC – What You Should Know About State Privacy Laws
CPW’s Kristin Bryan and Glenn Brown recently jointed James Lee, Chief Operating Officer of the Identity Theft Resource Center (“ITRC”) and Eva Velasquez, Chief Executive Officer of the ITRC to discuss recent developments in privacy laws and privacy litigation. Their podcast, which addresses recently enacted privacy laws, litigation trends, and what may be on the…
CPW Week in Review
In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.
2021…
Federal Magistrate Judge Rejects Asserted Lack of Article III Standing as Basis to Strike Class Allegations in Privacy Litigation
In late December, the United States District Court for the Middle District of Florida indicated that Article III standing for members of a class action should not be determined at the pleadings stage. In Sharfman v. Premier Medical, Inc., 2021 U.S. Dist. LEXIS 247447 (M.D. Fla. Dec. 29, 2021), the magistrate judge issued a…