We are excited to introduce our newest value-added client resource, Byte Back+. Designed to maximize value for our privacy clients, this client-only resource will provide a seamless end-user experience for our privacy thought leadership and offer exclusive content on the topics that matter most to you. In addition to aggregating content from our Byte Back blog and webinar offerings, Byte Back+ will include other produced materials and exclusive content developed solely for our clients, that dives deeper into emerging privacy issues.

Continue Reading Introducing Byte Back+

Keypoint: Last week the Kentucky House passed a consumer data privacy bill, the Colorado House passed a biometric privacy bill, and Virginia moved closer to amending the VCDPA to add children’s privacy provisions.

Below is the fifth weekly update on the status of proposed state privacy legislation in 2024.

Continue Reading Proposed State Privacy Law Update: February 26, 2024

Keypoint: In only its second public enforcement settlement, the California Attorney General announced a $375,000 fine along with injunctive relief.

On February 21, 2024, the California Attorney General announced that it had reached a settlement with a company, resolving allegations that the company violated the California Consumer Privacy Act (CCPA) and California Online Privacy Protection Act (CalOPPA). This is only the second time the Attorney General’s office has publicly announced a settlement. In August 2022, the office announced a settlement over allegations that a company failed to disclose that it was selling consumers’ personal information and failed to process opt-out requests via user-enabled global privacy controls.

In announcing the enforcement action, Attorney General Bonta stated “I hope today’s settlement serves as a wakeup call to businesses: The CCPA has been in effect for over four years now, and businesses must comply with this important privacy law. Violations cannot be cured, and my office will hold businesses accountable if they sell data without protecting consumers’ rights.”

In the below article we provide a brief overview of the settlement.

Continue Reading California Attorney General Announces Second Public CCPA Enforcement Settlement

Keypoint: Last week Wisconsin inched closer to passing a consumer data privacy bill, Colorado’s biometric privacy bill advanced out of committee, and several CCPA-amendment bill were introduced.

Below is the fourth weekly update on the status of proposed state privacy legislation in 2024.

Continue Reading Proposed State Privacy Law Update: February 19, 2024

With state legislatures now open across the country, lawmakers in numerous states have introduced bills seeking to regulate the private sector’s use of artificial intelligence. With this influx of bills, we are releasing our 2024 AI State Law Tracker. The tracker, which compliments our State Privacy Law Tracker, State Children’s Privacy Law Tracker, and State Biometric Privacy Law Tracker, identifies the states that are considering private sector AI legislation and provides helpful links to the bills. Bookmark the page and use it as a resource. We will update the map as more bills are filed.

Keypoint: In our first regular update on the happenings of US artificial intelligence law, we provide an overview of proposed state AI-related private sector bills.

Below is our first regular update on the status of US artificial intelligence laws. In this update, we provide an overview of proposed state artificial intelligence bills impacting the private sector and links to recent firm articles on various AI-related issues.

Continue Reading AI Legislation Update: February 14, 2024

Keypoint: Based on the appellate court’s ruling, the new CCPA regulations are enforceable immediately instead of on March 29, 2024.

On February 9, 2024, a three-judge panel of the California Court of Appeals issued an order overruling a California trial court decision and holding that the new CCPA regulations approved by the Office of Administrative Law (OAL) on March 29, 2023, could be enforced immediately and not – as the trial court held – one year after OAL approval. The appellate decision also means that any new regulations promulgated by the California Privacy Protection Agency (Agency) could be enforced once approved by the OAL and not after a one-year delay. For reference, the Agency is currently working on six different sets of regulations. Nonetheless, it is worth noting that section 7301(b) of the new CCPA regulations allows the Agency to consider “the amount of time between the effective date of the statutory or regulatory requirement(s) and the possible or alleged violation(s) of those requirements, and good-faith efforts to comply with those requirements” when deciding whether to pursue an investigation or possible alleged investigation.

Keypoint: It was a busy week with lawmakers in Virginia and Colorado moving forward with bills to amend the Virginia Consumer Data Protection Act and Colorado Privacy Act.

Below is the third weekly update on the status of proposed state privacy legislation in 2024.

Continue Reading Proposed State Privacy Law Update: February 12, 2024

For the second year in a row, we are releasing our State Biometric Privacy Law Tracker. The tracker, which compliments our State Privacy Law Tracker and State Children’s Privacy Law Tracker, identifies the states that are considering biometric privacy legislation and provides helpful links to the bills. Bookmark the page and use it as a resource. We will update the map as more bills are filed.

Keypoint: Courts resolved six motions to dismiss wiretapping claims based on session replay technology in January, while two VPPA decisions highlight balance struck by courts. A new privacy litigation theory based on “pen registries” has emerged as well.

Welcome to the tenth installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this post, we examine one chat-based wiretapping claim and six session replay technology (SRT) based wiretapping claims. These decisions demonstrate how courts are still inconsistent in how they resolve wiretapping claims, even in cases where the plaintiff and SRT vendor are the same. We also look at two VPPA decisions that reflect the balance courts have struck in resolving VPPA decisions. Finally, we look at a new emerging trend based on “pen registry” technology (which is commonly associated with logging what phone numbers a monitored phone dials).

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.

Continue Reading U.S. Privacy Litigation Update: January 2024