On October 18, 2022, in Popa v. Harriet Carter Gifts Inc. et al., Case Number 21-2203, the Third Circuit denied rehearing on its ruling that allows a class action alleging wiretapping claims based on the use of session replay software to proceed. The … [Read more] about Website Analytics (Session Replay) Litigation is Not Dead
On October 24, 2022, the Federal Trade Commission (“FTC”) announced a proposed consent order against both Drizly LLC, an online marketplace for alcohol delivery, and its CEO over the company’s alleged security failures that led to a data breach in … [Read more] about Recent FTC Order Has Implications for Executive Liability and Corporate Data Minimization Practices
On October 18, 2022, EyeMed Vision Care LLC (“EyeMed”) entered into a Consent Order with the New York Department of Financial Services (“DFS”) relating to a cybersecurity event from 2020 that exposed consumer nonpublic information (“NPI”) to an … [Read more] about NYDFS Announces Significant Cybersecurity Settlement with EyeMed Vision Care
On October 18, 2022, the European Data Protection Board (“EDPB”) published a proposed updated version of its regulatory guidance on personal data breaches under the EU GDPR (the “Proposed Updated Guidance”). The Proposed Updated Guidance seeks to … [Read more] about Heavier Breach Notification Obligations for U.S. Companies Subject to the EU GDPR According to Proposed Regulatory Guidance from the EDPB
Today, October 17, 2022, the California Privacy Protection Agency (“CPPA”) published its first set of Modified Proposed Regulations under the California Privacy Rights Act (“CPRA”). The Modified Regulations have been published in preparation for a … [Read more] about California Privacy Protection Agency Publishes Updated CPRA Regulations