Key point: The Third Circuit Court of Appeals recently issued an opinion affirming the dismissal of a class action complaint asserting both California Invasion of Privacy Act (CIPA) and California Medical Information Act (CMIA) claims, providing helpful guidance on the application of the “party exception” defense to a wiretap claim, as well as the meaning of “medical information” under the CMIA claim.
In this episode of The Consumer Finance Podcast, Chris Willis is joined by colleagues Jason Manning, Angelo Stio, and Rob Jenkin to unpack the surge of litigations arising from the use of tracking technologies (e.g., cookies, pixels, and session tools) on websites. This episode explains how plaintiff firms are repurposing federal and state wiretap and “trap-and-trace” laws, as well as the Video Privacy Protection Act (VPPA), to assert claims associated with a business’s use of tracking technologies without consent.
KEYPOINT– The N.D.Cal. shared its frustration with the language of CIPA, the conflicting rulings on how it has been applied, and the need for the legislature to fix it, as part of its recent decision granting summary judgment and dismissing a CIPA claim.
Key point: Plaintiffs’ attorneys have started sending a wave of letters asserting opt-out and access rights under California’s Shine the Light law.
Over the last three months, businesses have been receiving requests from California residents seeking to exercise their rights under California’s Shine the Light law, Cal. Civ. Code § 1798.83. These requests are sent by attorneys who purport to represent a California resident who is a “customer” of, and has an “established business relationship” with, the business receiving the request. The requests seek an accounting of the customer’s personal information disclosed to third parties for direct marketing purposes within the past year.
Key point: The decision is the first to find a Daniel’s Law unconstitutional based on First Amendment grounds and could impact ongoing litigation against hundreds of companies challenging similar laws.
On June 2, the New Jersey Division of Consumer Affairs announced the publication of new proposed regulations to implement the New Jersey Data Privacy Act (NJDPA), N.J. Stat. §§ 56:8-166.4 et seq., which went into effect on January 15. (Please see our prior article on the NJDPA for more details.) Although many of these proposed regulations appear familiar – similar to the finalized regulations under the California Consumer Privacy Act (CCPA) and the Colorado Privacy Act (CPA) – New Jersey introduced several new requirements worth noting.