Privacy Litigation

EDPB Issues Draft Guidelines on the Calculation of Administrative Fines

May 19, 2022 By Paul Greaves and Privacy, Cyber & Data Strategy Team

On May 16, 2022, the European Data Protection Board (‘EDPB’) published draft regulatory guidelines (‘draft guidance’) on the calculation of administrative fines for infringements of the EU General Data Protection Regulation (‘GDPR’). In the draft guidance, the EDPB sets out its methodology, consisting of five steps, for calculating administrative fines. The EDPB adopted these guidelines […]

California Federal Court Dismisses Data Security-Related Securities Fraud Class Action

October 1, 2021 By Sierra Shear, Cara Peterman and Madeleine Juszynski

A California federal court has dismissed a putative securities fraud class action alleging that a large title insurer that disclosed a data security incident in May 2019 made false and misleading statements related to its data security practices and the incident. The dismissal follows the June 2021 settlement of a related Securities & Exchange Commission […]

The GDPR Reaches the US Supreme Court in Cert Petition

March 22, 2021 By Daniel Felz

The EU’s General Data Protection Regulation (GDPR) has been raised in a petition for certiorari before the US Supreme Court, apparently for the first time since the GDPR entered into application in 2018. A party in Vesuvius USA Corp. v. Phillips has filed a petition for certiorari in a GDPR-related discovery dispute. Of course, since […]

Virginia Ready to Pass First State Privacy Statute after CCPA

February 8, 2021 By Dorian Simmons

Both houses of Virginia’s legislature recently passed the Virginia Consumer Data Protection Act (S.B. 1392; H.B. 2307) (the “VCDPA”). If approved by the state governor, the VCDPA would become the United States’ second comprehensive state privacy law behind the California Consumer Privacy Act (CCPA). The VCDPA is similar to the CCPA and the European Union’s […]