• 05 2019 February

    Keeping a Finger on BIPA

    On January 25, 2019, the Illinois Supreme Court unanimously ruled that infringement of a right afforded under the state’s Biometric Information Privacy Act (“BIPA”), even absent harm, is sufficient for a plaintiff to allege a...

    Read More →

Recent Posts

Keeping a Finger on BIPA

Feb 5, 2019 by Kandi Parsons and Armin Tadayon

On January 25, 2019, the Illinois Supreme Court unanimously ruled that infringement of a right afforded under the state’s Biometric Information Privacy Act (“BIPA”), even absent harm, is sufficient for a plaintiff to allege a violation of the law. The Court found the legislature provided for liability under BIPA for a statutory violation and that...

Read More →

2018 State Privacy & Security Laws – A Year in Review

Jan 24, 2019 by Michelle Anderson and Amanda Irwin

Overview of 2018 2018 was a watershed year for state privacy and security laws, with several states passing legislation in these areas. The most significant development was the enactment of the California Consumer Privacy Act (“CCPA”), the most expansive general privacy law in the United States to date. However, the year brought other notable legislation...

Read More →

As the current shutdown of the federal government passed the one-month mark, the strain on workers affected by the shutdown is reaching a crisis level. The severe financial impact on the country has been reported, but the human impact of the shutdown is equally devastating for individuals and families. Thousands of federal workers remain furloughed,...

Read More →

At the beginning of year, House and Senate members of Colorado’s General Assembly introduced the Colorado Digital Token Act (“CDTA”). The bill exempts digital token issuers who market tokens primarily for consumptive purposes (e.g., to purchase goods and services from the seller) from most state securities registration requirements. If passed, the CDTA would result in...

Read More →

DOJ Reverses Course on the Wire Act

Jan 16, 2019 by Zach Lerner, Jake Sommer and Marc Zwillinger

In a surprisingly result-oriented analysis, the Department of Justice (“DOJ”) has reversed its view on the scope of the Wire Act, declaring that the Wire Act is not limited to sports gambling. The opinion authored by the Office of Legal Counsel, (dated November 2, 2018 and made public earlier this week) reverses the better-reasoned conclusion...

Read More →

Massachusetts has updated its breach notification law to require credit monitoring services and more prescriptive breach notices to regulators, as well as to strengthen rules for consumer reporting agencies. Governor Charlie Baker signed the legislation (H. 4806) on January 10, 2019, and the amendments go into effect on April 11, 2019. The amendments will require:...

Read More →

Vermont Data Broker Regulations Now Effective­­

Jan 14, 2019 by Devron Brown, Michelle Anderson and Ken Dreifach

The Vermont Data Broker Regulation (“VDBR”) (9 V.S.A. §§ 2430, 2433, 2446–2447) went into effect on January 1, 2019. Therefore, data brokers must register with the Vermont Attorney General by January 31st and comply with minimum data security requirements. Applicability of the VDBR Subject to the exceptions set forth in 9 V.S.A. §§ 2430(4)(C), under...

Read More →

The EU’s highest court may be poised to allow Google and other search engines to honor most right-to-be-forgotten requests in a way that impacts only searches from within the EU, i.e., without affecting results for searches performed by users outside the EU. EU Court of Justice (“CJEU”) Advocate General (“AG”) Maciej Szpunar released an opinion...

Read More →

An Illinois federal judge granted summary judgment to Google in a case alleging that its use of facial recognition software in Google Photos violated Illinois’ Biometric Information Privacy Act (“BIPA”), citing Plaintiffs’ failure to establish a concrete injury sufficient to confer Article III standing.  Background Google Photos is a cloud-based service which detects images of...

Read More →

The South Carolina Insurance Data Security Act (the “Act”) took effect on January 1, 2019.  The bill, which largely resembles the New York Department of Financial Services cybersecurity regulations, is based on the National Association of Insurance Commissioners (“NAIC”) Insurance Data Security Model Law and is intended to establish minimum data security, breach notification, and...

Read More →