Photo of Owen Davis

Owen assists employers across industry sectors – from small businesses to Fortune 500 corporations – to identify changing workplace law at a local, state and federal level. He offers legal guidance on employment agreements, restrictive covenants, personnel policies and other human resources issues. Owen also represents employers before state and federal courts as well as administrative agencies on matters related to discrimination, retaliation, harassment, and wage and hour violations.

Keypoint: Multiple decisions from the same judicial district come down differently on wiretapping claims while three courts in different states each reject VPPA-defendants’ arguments that the plaintiffs lacked Article III standing.

Welcome to the twelfth installment in our monthly data privacy litigation report. Not only does this month’s post mean we have been doing this for over a year now (and actually a little longer as there was at least one post that combined two months of updates into one post because, well, holidays), but more importantly we are releasing this post on the eve of heading to Washington, D.C. to attend the IAPP Summit. If you will be there, make sure to come and meet us!

We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this month’s post, we look at three decisions from the Southern District of California, each of which addressed nearly identical factual allegations and legal arguments but reached different conclusions. We also take a look at three VPPA decisions denying motions to dismiss regarding claims premised on the Meta Pixel that highlight how district courts are addressing Article III standing objections and the required specificity of a plaintiff’s allegations at the pleading stage.

If you are a Byte Back+ member, you will also see our coverage on recent lawsuits beyond the wiretapping and VPPA claims, including the recent trend of cases brought under pen registry laws and efforts against plaintiffs who have brought wiretapping claims in private arbitration rather than the public courts. Interested in learning more about Byte Back+? Click here.

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: March 2024

Keypoint: Since our last update on US artificial intelligence (AI) legislation impacting the private sector, Utah enacted the first AI private sector bill of 2024, Oklahoma moved closer to passing an AI Bill of Rights, Connecticut’s bill advanced through a committee, and California lawmakers introduced two bills that would establish transparency requirements around generative AI and personal information used to train AI models.

Below is our third update on the status of pending US artificial intelligence (AI) legislation that would affect the private sector.Continue Reading AI Legislation Update: March 26, 2024

Keypoint: While not as far-reaching as bills under consideration in other states, the Utah bill creates some obligations for private sector companies deploying generative artificial intelligence, including disclosing its use.

In early March, the Utah legislature unanimously passed SB 149. The bill is now with Utah Governor Spencer Cox for signature. In general, the bill: (1) specifies that Utah’s consumer protection laws apply equally to an entity’s use of generative artificial intelligence as they do to the entity’s other activities, (2) requires private sector entities to take steps to disclose and/or respond to inquiries about their use of generative artificial intelligence, and (3) creates the Office of Artificial Intelligence Policy which is charged with, among other things, administering an artificial intelligence learning laboratory program. Once signed by the Governor, the law will go into effect on May 1, 2024.

In the below article, we provide a brief analysis of the bill’s provisions.Continue Reading Utah Legislature Passes Private Sector AI Bill

Keypoint: Courts continue to issue conflicting decisions in wiretapping cases while one court has expanded who may be considered a “video tape service provider” under the VPPA.

Welcome to the eleventh installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this month’s post, we look at wiretapping decisions from courts that have come out differently on whether plaintiffs have plead facts to sufficiently allege “interception” of chat communications, two decisions that rejected defendant’s arguments concerning plaintiffs’ consent to being recorded, and a failed attempt to compel arbitration. We also look at three session reply technology decisions, all of which grappled with whether the plaintiff had plead the third-party had the capability to use the alleged communications for the third-party’s own benefit. We also take a look at three VPPA decisions that continue to show the balancing act courts have struck when assessing VPPA claims at the pleading stage, including a decision that expands what type of company may be considered a “video tape service provider.”

If you are a ByteBack+ member, you will also see our coverage on recent lawsuits beyond the wiretapping and VPPA claims, including the recent trend of cases brought under pen registry laws and efforts against plaintiffs who have brought wiretapping claims in private arbitration rather than the public courts. Interested in learning more about ByteBack+? Click here.

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: February 2024

Keypoint: Since our inaugural post on US artificial intelligence legislation, the first AI bill from this year is set to pass in Utah, new bills have been introduced in Connecticut, Illinois, New Jersey, and several bills have stalled in Virginia, Rhode Island, and Washington.

Below is our second update on the status of pending US artificial intelligence (AI) legislation that would affect the private sector.Continue Reading AI Legislation Update: March 6, 2024

Keypoint: In our first regular update on the happenings of US artificial intelligence law, we provide an overview of proposed state AI-related private sector bills.

Below is our first regular update on the status of US artificial intelligence laws. In this update, we provide an overview of proposed state artificial intelligence bills impacting the private sector and links to recent firm articles on various AI-related issues.Continue Reading AI Legislation Update: February 14, 2024

Keypoint: Pending the Governor’s signature, the California Delete Act requires all data brokers to register with the CPPA next year and comply with a one-stop consumer deletion mechanism by 2026.

Last week, the California legislature passed the Delete Act (SB 362) (the “Act”) which amends California’s existing data broker law to subject all data brokers to new registration and disclosure requirements, and a one-stop mechanism for consumer deletion requests. In the below post, we analyze the Delete Act and the changes it makes to the existing data broker law.Continue Reading California Delete Act Passes Legislature

Key Point: The EEOC released guidance to employers on how to assess adverse impacts when using artificial intelligence (AI) in the employment decision-making process.

The Equal Employment Opportunity Commission (EEOC) recently issued a technical assistance document to help employers avoid discriminating against job applicants and employees when using AI for employment decisions. In the technical assistance, the EEOC highlights that employers may violate Title VII of the Civil Rights Act of 1964 (Title VII) if their algorithmic decision-making tools have an adverse impact on protected classes, even where those tools are designed or administered by third parties.Continue Reading EEOC Issues Guidance on Assessing AI Employment Tools Under Title VII

Keypoint: The Attorney General’s investigatory sweep focuses on how large California employers are handling the expiration of the CCPA’s employee data exemption.

On July 14, 2023, the California Attorney General announced a new CCPA investigatory sweep focused on employee data. The Attorney General’s Office reported that it had sent inquiry letters “to large California employers requesting information on the companies’ compliance with the California Consumer Privacy Act (CCPA) with respect to the personal information of employees and job applicants.”Continue Reading California Attorney General Announces New CCPA Investigative Sweep of Employers

Keypoint: New York City issued final regulations on the use of automated employment decision tools by employers, with enforcement to begin on July 5, 2023.

The New York City Department of Consumer and Worker Protection (DCWP) adopted its Final Rule to implement Local Law 144, which regulates the use of “automated employment decision tools” (AEDTs) to screen applicants or employees in the city. The DCWP also announced that it will begin enforcing the law on July 5, 2023.Continue Reading NYC Finalizes Regulations on AI Employment Tools and Will Begin Enforcement on July 5, 2023