Privacy & Cybersecurity Litigation

CalPrivacy Goes to the Board with Digital Advertising-Focused Enforcement

March 9, 2026 By Cynthia Cole, Dorian Simmons and Anna von Spakovsky

On February 27, 2026, the California Privacy Protection Agency (“CalPrivacy”) issued an order (the “Order”) requiring a sports-focused media and technology company (the “Company”) to pay a $1.10 million administrative fine for violations of the California Consumer Privacy Act (“CCPA”). The action continues California regulators’ scrutiny of how companies deploy cookies, software development kits and […]

California Attorney General Announces Investigative Sweep into “Surveillance Pricing”

January 29, 2026 By Daniel Felz, Dorian Simmons and Christian Seremetis

On January 28, 2026, California Attorney General (“AG”) Rob Bonta announced an investigative sweep targeting “surveillance pricing” practices among businesses in the retail, grocery, and hotel sectors. The investigation focuses on companies that use consumers’ personal information to set individualized prices. According to the AG’s press release, surveillance pricing practices could violate the California Consumer […]

Texas Court Blocks Smart TV Data Collection

January 5, 2026 By Jennifer Everett, David Keating and Lili Song

A Texas state court has issued a temporary restraining order (“TRO”) blocking Hisense, a major Chinese smart TV manufacturer, from collecting data on the content viewers watch via Automatic Content Recognition (“ACR”) technology. Background The TRO follows lawsuits that Texas Attorney General (“AG”) Ken Paxton filed on December 15, 2025, against Hisense and four other […]

SEC Dismisses Remaining Claims Against SolarWinds

November 24, 2025 By Cara Peterman, Sierra Shear and Madeleine Juszynski Davidson

On November 20, 2025, the Securities and Exchange Commission (SEC) dismissed its landmark enforcement action against SolarWinds Corp. and the company’s Chief Information Security Officer, Tim Brown. In 2023, the SEC’s enforcement action broke new ground as the first formal action by the Commission against a CISO and the first civil fraud action litigated by […]

California Enacts Digital Age Verification Law

October 23, 2025 By Maki DePalo and Hyun Jai Oh

On October 13, 2025, California Governor Gavin Newsom signed Assembly Bill 1043, the Digital Age Assurance Act (Act), into law. Effective January 1, 2027, the Act introduces a device-based age verification system designed to create safer digital environments for children under 18. The Act underscores a trend of state laws that require age verification or […]