Press "Enter" to skip to content

Posts published in “IT & Data Protection”

And They’re Off! Multiple States Charging Ahead With Privacy Legislation    

As California Attorney General Xavier Becerra advises consumers of all their new rights under the California Consumer Privacy Act (CCPA), multiple states are introducing their own privacy acts, some of which are remarkably similar to the CCPA.  The most-watched privacy legislation is perhaps in Washington State, described below, which very nearly passed its Privacy Act last year.

2019: A Watershed Year for Consumer Financial Services Law

It has been an extraordinary 365 days for consumer financial services law. I cannot recall a year where so many states introduced legislation or proposed regulations or rules impacting the credit industry. At the federal level, proposed rules for the Fair Debt Collection Practices Act were (finally) released and California also proposed regulations under the California Consumer Privacy Act.

The 2019 Privacy Legislation Bomb Cyclone

The European Union’s General Data Protection Regulation (GDPR) went into effect on May 25, 2018, and introduced privacy concepts that were new to some U.S. businesses.  Fortunately, the GDPR was developed over a period of time that allowed for thoughtful deliberation and careful drafting. The California Consumer Privacy Act (CCPA), on the other hand, was speedily enacted under the threat of a ballot initiative.

3rd Cir. Vacates Cy Pres Class Settlement Citing Trial Court’s Failure to Scrutinize Scope of Release

The U.S. Court of Appeals for the Third Circuit recently vacated an order approving the settlement of a class action certified under Rule 23(b)(2), where the only benefit to the class was the defendant’s payment of a cy pres award to organizations that promoted data…

9th Cir. Holds Violation of Facial Recognition Law Sufficient for Standing, Upholds Class Cert.

The U.S. Court of Appeals for the Ninth Circuit recently held that class plaintiffs alleged a concrete and particularized harm sufficient to confer Article III standing where the defendant company’s alleged collection, use, and storage of the plaintiffs’ biometric information was the substantive harm targeted…

7th Cir. Holds Plaintiff Lacked Standing in ADA ‘Website Accessibility’ Case Against Credit Union

The U.S. Court of Appeals for the Seventh Circuit recently held that a blind plaintiff lacked standing to sue under the Americans with Disabilities Act (ADA) for alleged accessibility problems with a credit union’s website because he could not establish an injury in fact as…

Texas Enacts Amendments to Data Breach Notification Law; Creates Privacy Protection Advisory Council

On June 14, Texas Gov. Greg Abbott signed into law House Bill 4390 which amends the notification requirements of Texas’ data breach law and creates an advisory council to study data privacy laws generally.  The provisions become effective Jan. 1, 2020. Currently, a person conducting…