On May 16, 2024, the U.S. Securities and Exchange Commission announced the adoption of amendments to Regulation S-P that were proposed last year. The Final Amendments impose enhanced requirements on registered investment advisers, investment companies, broker dealers and transfer agents with respect to handling of consumer financial information.

Read the

  • Central District of California dismisses lawsuit alleging that a third-party’s interception of communications over a website’s live chat feature violated California’s wiretapping and eavesdropping prohibitions.  
  • Important to the Court’s holding was its finding that the code used by the third party to acquire and transmit the contents of the chat communications was not necessarily used to intercept the communications while they were “in transit” but rather to store them after they were received.

As part of our commitment to keeping you informed of new regulatory developments and their potential implications, we have highlighted recent statements by federal officials concerning loyalty programs, such as those involving airline miles and credit card points. These comments signal a potential shift in how these programs are viewed under consumer protection laws, and the plaintiffs’ bar is likely to take notice.

While French skincare company L’Occitane (the “Company”) successfully thwarted a mass arbitration effort by plaintiffs’ firm Zimmerman Reed and approximately 3,000 customers (the “Claimants”), the Southern District of California Court presiding over the matter indicated that the Company’s case against them was on the verge of dismissal. L’Occitane v. Zimmerman Reed, et al., No. 2:24-cv-01103 (C.D. Cal. April 15, 2024).

A federal judge in the Northern District of California delivered a blow to a potential class action lawsuit against Google over its ad auction practices. The lawsuit, which allegedly involved tens of millions of Google account holders, claimed Google’s practices in its real-time bidding (RTB) auctions violated users’ privacy rights. But U.S. District Judge Yvonne Gonzalez Rogers declined to certify the class of consumers, pointing to deficiencies in the plaintiffs’ proposed class definition. 

  • Over a hundred cases are pending from the wave of privacy class actions that commenced last year alleging violations of state wiretap statutes based on use of website session replay, chatbot and pixel technologies.
  • Plaintiffs’ firms are continuing to file new cases based on chatbot and pixel tech despite an increasing number of dismissals while also trying new approaches focused on email marketing tech and identity graphing.

The U.S. Department of Health and Human Services (HHS) recently issued a strategy paper highlighting key aspects of its plan to revamp cybersecurity requirements in the healthcare industry. Citing a 93% increase in large data breaches in healthcare from 2018 to 2022 and a rapid increase in ransomware attacks against