Virgina

We head into the fourth quarter on the heels of the first public California Consumer Privacy Act (CCPA) civil penalty, while also looking ahead to the new state privacy laws in Virginia, Colorado, Connecticut, and Utah and the significant updates that the California Privacy Rights Act (CPRA) will bring to the CCPA. Considering that regulations

On August 24, 2022, California Attorney General Rob Bonta issued a press release announcing the first public settlement by the Office of the Attorney General (OAG) involving alleged violations of the CCPA. The settlement involves a judicial judgment, civil penalties and ongoing monitoring and reporting. The use of noncompliance letters to cajole companies into compliance over many months now appears to be a closed chapter in the CCPA saga. Season 2 promises more drama, more action and more money. Entertaining unless you are the next target!

Continue Reading The Cookie Crumbles – Lessons from First California Consumer Privacy Act (CCPA) Monetary Settlement

On August 1, the New York State Department of Financial Services (“NYDFS” or “DFS”) announced a Consent Order  and $30 million fine against Robinhood Crypto, LLC (“RHC”), the wholly-owned cryptocurrency trading unit of the popular investing app by Robinhood Financial LLC. In the Order, NYDFS alleges RHC failed to comply with NYDFS rules pertaining to

In a record-setting proposed settlement filed last week, T-Mobile has agreed to pay $350 million and boost its data security by $150 million over the next two years to resolve multidistrict litigation brought by T-Mobile customers whose data was allegedly exposed in a 2021 data breach.  Read on for the terms of the settlement, which may serve as a model in other high stakes data security cases going forward.

Recall that in August 2021, T-Mobile disclosed that it had been the victim of a cyberattack that resulted in the compromise of some current, former and prospective customers’ SSN, name, address, date of birth and driver’s license/ID information the “Data Event”).  By T-Mobile’s account, no “customer financial information, credit card information, debit or other payment information” was exposed in the attack.  Nevertheless, over 40 putative class action claims were filed seeking damages for the improper disclosure of Plaintiffs’ personal information.  In December 2021, the Judicial Panel on Multidistrict Litigation transferred and centralized the putative class actions into the MDL standing before the Western District of Missouri.

Continue Reading T-Mobile Agrees in MDL to Record Setting $350 Million Data Breach Settlement to Resolve CCPA and Other Privacy Claims

Special thanks to our Summer Associate, Nyet Abraha, for her work on this blog.

Carnival Cruise Line, one of the largest international cruise lines, has agreed to pay $6 million to resolve claims brought by state attorneys general in response to a 2019 data breach. In March 2020, Carnival reported a data breach that compromised

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

CPW’s Stephanie Faber Speaks at French Association of Personal Data Protection Correspondents Annual Meeting

Future Uncertain for the American

CPW’s Kristin Bryan and Glenn Brown recently jointed James Lee, Chief Operating Officer of the Identity Theft Resource Center (“ITRC”) and Eva Velasquez, Chief Executive Officer of the ITRC to discuss recent developments in privacy laws and privacy litigation.  Their podcast, which addresses recently enacted privacy laws, litigation trends, and what may be on the

The California Privacy Rights Act (“CPRA”) places significant power in the hands of the California Privacy Protection Agency (“CPPA” or “Agency”) to influence the future of privacy regulation in the United States, including—perhaps most importantly—the authority to issue regulations in twenty-two specific, enumerated areas to achieve the broad objective of “further[ing] the purposes of” the

On Tuesday, April 5, CPW’s Alan Friel joined forces with Rebecca Perry, Director of Strategic Partnerships at Exterro, to share their expertise during the “Preparing for 2023 – Tools and Tips to Be Ready for New US Privacy Laws” webinar hosted by Global Data Review.

During this one-hour long virtual session, the duo discussed

On April 5 Alan Friel, the Global Co-Chair of Squire Patton Boggs’ Data Privacy, Cybersecurity and Digital Assets Practice will present with Rebecca Perry, CIPP/US/G, Director of Strategic Partnerships, Exterro on Preparing for 2023—Tools and Tips to be Ready for New US Privacy Laws.  The event will be hosted by Global Data Review.