Privacy

Subscribe to Privacy via RSS

Jason, Jacob, and Jaz have prepared four brief posts on the California Invasion of Privacy Act (CIPA), an old law now applied to new technology. With damages of $5,000 per violation or treble damages, CIPA lawsuits cannot be ignored. If you have a website and want to protect your company from litigation costs, check out these posts and contact us with any questions.

The California Invasion of Privacy Act (CIPA) was enacted in 1967 to “protect the right of privacy by, among other things, requiring that all parties consent to a recording of their conversation.” Whether intentional or not, from these modest origins CIPA has become a giant—create substantial liability risk for thousands of companies every year.Continue Reading Mini-Series on CIPA – Part 4: How Big is the Risk?

Jason, Jacob, and Jaz have prepared four brief posts on the California Invasion of Privacy Act (CIPA), an old law now applied to new technology. With damages of $5,000 per violation or treble damages, CIPA lawsuits cannot be ignored. If you have a website and want to protect your company from litigation costs, check out these posts and contact us with any questions.

The California Invasion of Privacy Act (CIPA) penalizes those “who willfully and without the consent of all parties to the communication . . . read, or attempt to read, or to learn the contents or meaning of any message, report, or communication.” Cal. Penal Code § 631 (cleaned up).

This rule seems sensible when applied to someone surreptitiously eavesdropping on a phone conversation. The law was passed in the 1960s to protect phone conversations from wiretaps, and if I am secretly listening in on your phone call, then my conduct may fall under the law.Continue Reading Mini-Series on CIPA – Part 3: Can I Eavesdrop on My Own Conversation?

Jason, Jacob, and Jaz have prepared four brief posts on the California Invasion of Privacy Act (CIPA), an old law now applied to new technology. With damages of $5,000 per violation or treble damages, CIPA lawsuits cannot be ignored. If you have a website and want to protect your company from litigation costs, check out these posts and contact us with any questions.

The California Invasion of Privacy Act (CIPA) penalizes unauthorized eavesdropping on communications “carried on among the parties in the presence of one another or by means of a telegraph, telephone, or other device, except a radio. . .” Cal. Penal Code § 632.7(a). Recently, plaintiffs have pressed courts to include internet-enabled communications on smartphones within the auspice of § 632.7(a). But is a smartphone communication over the internet a phone under this section of CIPA?Continue Reading Mini-Series on CIPA Part 2: What is a ‘Phone’?

Jason, Jacob, and Jaz have prepared four brief posts on the California Invasion of Privacy Act (CIPA), an old law now applied to new technology. With damages of $5,000 per violation or treble damages, CIPA lawsuits cannot be ignored. If you have a website and want to protect your company from litigation costs, check out these posts and contact us with any questions.

Companies have websites to reach customers, share products and services, and communicate brands. But websites can also create legal risks. Recently, litigation has surged against website owners for violating the California Invasion of Privacy Act (CIPA). This 1960s phone-wiretapping law is now used against websites that collect and share visitor data with third-party vendors. The legal theory, in part, is that when a user visits a website and their information is processed, the third-party vendor listens in on this communication without notice or consent from the website user.Continue Reading Mini-Series on CIPA – Part 1: What is a ‘Communication’ Anyway?

The summer has been anything but slow in the People’s Republic of China. China is leaning into its regulation of emerging technologies, while attempting to strike a balance with its domestic economic priorities. In just the past few weeks, state authorities have issued a slew of draft measures and announced new initiatives – all with significant ramifications for businesses processing data within the PRC. From personal information processing to facial recognition to cross-border data transfers, what follows is a highlight reel of what you may have missed while you were away on vacation, with the comment period for many of these developments closing within the next few weeks.Continue Reading Catch Up Fast: The “Data Days” of Summer in China

On July 24, 2023, an en banc Eleventh Circuit joined the majority of circuits to find that just one text is sufficient to establish standing to bring a Telephone Consumer Protection Act (“TCPA”) claim. The decision, Drazen v. Pinto, — F.4th —, 2023 WL 4699939 (11th Cir. July 24, 2023), not only undoes the panel’s original holding, but also reverses course from the Eleventh Circuit’s prior decision in Salcedo v. Hanna, 936 F.3d 1162 (11th Cir. 2019), which held that a Plaintiff who received a single text message did not have TCPA standing.  Continue Reading The First Text Cuts the Deepest: Eleventh Circuit Aligns with Other Circuits on TCPA Standing

On June 18, 2023, the Biden-Harris administration announced the launch of a new “U.S. Cyber Trust Mark” program (hereinafter the “Program”). First proposed by Federal Communication Commission (“FCC”) Chairwoman Jessica Rosenworcel, the Program aims to increase transparency and competition across the smart devices sector and to assist consumers in making informed decisions about the security of the devices they purchase.Continue Reading Biden Admin Eyes IoT Cyber Practices

On August 14, 2020, California Attorney General Xavier Becerra released final implementing regulations for the California Consumer Privacy Act (CCPA). The CCPA became enforceable on July 1, 2020, and Becerra’s office submitted a final proposed draft of the regulations to the California Office of Administrative Law (OAL) on June 1, 2020. The Proposed Regulations have

On April 20, 2020, the Supreme Court granted cert in Van Buren v. United States, to resolve an important circuit split over the meaning of “authorized access” under the Computer Fraud and Abuse Act (CFAA). This is the Court’s first foray into analyzing the precise contours of CFAA liability. Van Buren may have far-reaching

E-Discovery no longer dominantly involves emails and shared drive documents. With the increasing prevalence of mobile devices in the workplace and new apps being developed daily, mobile data and other non-email communications are moving to the forefront of discovery. Times have changed, and attorneys have professional and ethical obligations to keep up. To effectively and competently represent clients, attorneys must stay apprised of how to work with these ever-changing forms of data – or get help from someone knowledgeable. To do so, we have set out some suggestions below organized around common stages of the discovery lifecycle of digital evidence.

Identification. In conducting custodian interviews, ask questions to target the data types the custodian works with. Start broadly by determining if the company has a BYOD policy and asking if they allow the use of personal devices for work purposes. Confirm which messaging tools they use for business purposes, with the understanding that people tend to play down such use. For each messaging application, ask how they are used and with whom they communicate. Discuss these same topics with your client’s IT team to better understand  the company’s policies and capabilities for controlling the use of personal devices, as well as employees’ actual practices.Continue Reading Best Practices for Navigating Discovery of Mobile Data and Alternative Communication Tools in Today’s Digital World