The proposed settlement agreement in the Target data breach consumer litigation that we reported on on March 19, 2015 has been approved by the judge, and a final approval hearing set for November 10, 2015. Based on this order, class members should start to receive notice of the settlement within 45 days of yesterday’s
Lisa B. Kim
Proposed Settlement in Target Data Breach Litigation
A proposed settlement has been reached in the multi-district consumer litigation Target faces following a data breach that compromised at least 40 million credit cards during the 2013 holiday shopping season. The settlement, which requires Target to pay $10 million into a settlement fund and adopt specific data security measures, still needs court approval.
If…
Courts Continue To Find That Unique Device Identifiers Are Not Personally Identifiable Information (PII) Under The Video Privacy Protection Act (VPPA)
“Data Security, Privacy & Management” “VPPA” “consumer consent”…
Continue Reading Courts Continue To Find That Unique Device Identifiers Are Not Personally Identifiable Information (PII) Under The Video Privacy Protection Act (VPPA)
FCC Confirms that Even Solicited Fax Ads Must Contain Opt-Out Language, and Sets Six-Month Deadline for Companies to Seek a Retroactive Waiver
On October 30, 2014, the FCC issued a much-anticipated ruling (“FCC Order”) resolving several petitions seeking clarification of the opt-out notice requirement regarding advertisements faxed to consumers, contained in the Telephone Consumer Protection Act, section 227 of the Communications Act (“TCPA”). The FCC ruled that all such faxes, even those sent with the recipient’s prior…
Data Security Threats Are on the Rise in the Golden State, According to California Attorney General Kamala Harris
This post was also written by Maytak Chin.
A California attorney general’s report released this month shows that data security threats are on the rise in the Golden State. Against a backdrop of increasing security breaches, the report recommends best practices for companies to adopt as a way to reduce their vulnerabilities and to…
Court Finds, Again, That Device ID Is Not Personally Identifiable Information (PII) Under The Video Privacy Protection Act (VPPA)
On October 8, 2014, a district court judge in Georgia dismissed with prejudice a Video Privacy Protection Act (VPPA) action against The Cartoon Network (CN), holding that the disclosure of the plaintiff’s Android ID was not actionable because the Android ID did not qualify as “personally identifiable information” (PII). The full order is attached.…
Did California Just Impose a First-in-the-Nation Requirement for Breaching Companies To Offer Identity Theft Prevention and Mitigation Services?
This post was also written by Leslie Chen.
Spurred by the security breaches at Target, Neiman Marcus, and The Home Depot, California Gov. Jerry Brown signed into law Assembly Bill No. 1710 September 30, 2014. The bill expands requirements on persons or businesses that own, license, and maintain personal information about a California resident. Specifically,…
Ninth Circuit Refuses To Enforce Arbitration Clause Contained in Barnes & Noble’s ‘Browsewrap’ Terms of Use Agreement
During recent terms, the U.S. Supreme Court has repeatedly embraced mandatory arbitration and class action waivers contained in a wide variety of consumer contracts. The Court has sided with corporate defendants and elevated the requirements of the Federal Arbitration Act above other legal and policy interests advanced by would-be class representatives and their class action…
Plaintiffs Take Another Blow In Video Privacy Protection Act (VPPA) Class Action Against Hulu and Facebook
On June 17, 2014, Magistrate Judge Laurel Beeler of the Northern District of California denied class certification for the proposed class of Hulu and Facebook users alleging that their personal information was transmitted to Facebook in violation of the Video Privacy Protection Act (VPPA). We’ve written about this VPPA case before. At the end…
California Attorney General Issues Recommendations for Privacy Policies and Do Not Track Disclosures
This post was also written by Paul H. Cho.
On May 21, 2014, the California Attorney General, Kamala D. Harris, issued her long-awaited guidance for complying with the California Online Privacy Protection Act (“CalOPPA”). “Making Your Privacy Practices Public,” which can be found here, provides specific recommendations on how businesses are to comply with …