Photo of Lisa B. Kim

A proposed settlement has been reached in the multi-district consumer litigation Target faces following a data breach that compromised at least 40 million credit cards during the 2013 holiday shopping season. The settlement, which requires Target to pay $10 million into a settlement fund and adopt specific data security measures, still needs court approval.

If

On October 30, 2014, the FCC issued a much-anticipated ruling (“FCC Order”) resolving several petitions seeking clarification of the opt-out notice requirement regarding advertisements faxed to consumers, contained in the Telephone Consumer Protection Act, section 227 of the Communications Act (“TCPA”). The FCC ruled that all such faxes, even those sent with the recipient’s prior

This post was also written by Maytak Chin.

A California attorney general’s report released this month shows that data security threats are on the rise in the Golden State. Against a backdrop of increasing security breaches, the report recommends best practices for companies to adopt as a way to reduce their vulnerabilities and to

On October 8, 2014, a district court judge in Georgia dismissed with prejudice a Video Privacy Protection Act (VPPA) action against The Cartoon Network (CN), holding that the disclosure of the plaintiff’s Android ID was not actionable because the Android ID did not qualify as “personally identifiable information” (PII). The full order is attached.

This post was also written by Leslie Chen.

Spurred by the security breaches at Target, Neiman Marcus, and The Home Depot, California Gov. Jerry Brown signed into law Assembly Bill No. 1710 September 30, 2014. The bill expands requirements on persons or businesses that own, license, and maintain personal information about a California resident. Specifically,

During recent terms, the U.S. Supreme Court has repeatedly embraced mandatory arbitration and class action waivers contained in a wide variety of consumer contracts.  The Court has sided with corporate defendants and elevated the requirements of the Federal Arbitration Act above other legal and policy interests advanced by would-be class representatives and their class action

On June 17, 2014, Magistrate Judge Laurel Beeler of the Northern District of California denied class certification for the proposed class of Hulu and Facebook users alleging that their personal information was transmitted to Facebook in violation of the Video Privacy Protection Act (VPPA).  We’ve written about this VPPA case before. At the end

This post was also written by Paul H. Cho.

On May 21, 2014, the California Attorney General, Kamala D. Harris, issued her long-awaited guidance for complying with the California Online Privacy Protection Act (“CalOPPA”).  “Making Your Privacy Practices Public,” which can be found here, provides specific recommendations on how businesses are to comply with