On August 29, 2024, the Office for Civil Rights of the United States Department of Health and Human Services (“HHS-OCR”) withdrew its appeal of an order by the United States District Court for the Northern District of Texas’ (“District Court”) declaring unlawful and vacating a portion of an HHS-OCR Bulletin
Privacy Law
Same Song, Different Tune: Plaintiffs’ Bar Adds the Song-Beverly Credit Card Act to its Privacy Repertoire
Repurposing old laws to challenge new technologies has become the new normal in the privacy space. Plaintiffs continue to bring a kaleidoscope of privacy claims against companies in the tech age, reviving laws like the California Invasion of Privacy Act of 1994 (“CIPA”), Video Privacy Protection Act (“VPPA”), Telephone Consumer Protection Act (“TCPA”), Pennsylvania Wiretapping and Electronic Surveillance Control Act, and Arizona Telephone, Utility, and Communication Service Records Act.
Privacy Class Action Spotlight: Surge of Privacy Class Actions in Arizona Targeting Email Pixel Tracking
- There has been a recent surge of privacy class action lawsuits under the Arizona Telephone, Utility, and Communication Service Records Act targeting the use of common email marketing analytics technologies.
- Defendants are asserting standard defenses including lack of Article III standing as well as challenging the 2007 Arizona law’s applicability to email tracking pixels.
SEC Adopts Rule Amendments to Regulation S-P to Enhance Protection of Customer Information
On May 16, 2024, the U.S. Securities and Exchange Commission announced the adoption of amendments to Regulation S-P that were proposed last year. The Final Amendments impose enhanced requirements on registered investment advisers, investment companies, broker dealers and transfer agents with respect to handling of consumer financial information.
Court Rejects Claims that Website’s Live Chat Feature Violates California’s Prohibitions on Wiretapping and Eavesdropping
- Central District of California dismisses lawsuit alleging that a third-party’s interception of communications over a website’s live chat feature violated California’s wiretapping and eavesdropping prohibitions.
- Important to the Court’s holding was its finding that the code used by the third party to acquire and transmit the contents of the chat communications was not necessarily used to intercept the communications while they were “in transit” but rather to store them after they were received.
The Emerging Legal and Regulatory Risks of Loyalty Programs
As part of our commitment to keeping you informed of new regulatory developments and their potential implications, we have highlighted recent statements by federal officials concerning loyalty programs, such as those involving airline miles and credit card points. These comments signal a potential shift in how these programs are viewed under consumer protection laws, and the plaintiffs’ bar is likely to take notice.
From Skincare to Spyware: L’Occitane’s CIPA War Against the Plaintiffs’ Bar
While French skincare company L’Occitane (the “Company”) successfully thwarted a mass arbitration effort by plaintiffs’ firm Zimmerman Reed and approximately 3,000 customers (the “Claimants”), the Southern District of California Court presiding over the matter indicated that the Company’s case against them was on the verge of dismissal. L’Occitane v. Zimmerman Reed, et al., No. 2:24-cv-01103 (C.D. Cal. April 15, 2024).
Bidding Farewell, For Now: Google’s Ad Auction Class Certification Victory
A federal judge in the Northern District of California delivered a blow to a potential class action lawsuit against Google over its ad auction practices. The lawsuit, which allegedly involved tens of millions of Google account holders, claimed Google’s practices in its real-time bidding (RTB) auctions violated users’ privacy rights. But U.S. District Judge Yvonne Gonzalez Rogers declined to certify the class of consumers, pointing to deficiencies in the plaintiffs’ proposed class definition.