United States Supreme Court

On November 20, 2025, the Illinois Supreme Court issued a decision that may help defendants establish that Illinois State Court plaintiffs lack standing when they have not suffered actual harm. In Fausett v. Walgreen Company d/b/a Walgreens, 2025 IL 131444 (2025), the court substantially limited plaintiffs’ ability to satisfy standing in Illinois state courts when those same plaintiffs are unable to establish Article III standing in federal court.

Continue Reading Illinois Supreme Court Places Standing Limits on Plaintiffs’ Ability to Assert Statutory Claims in Illinois State Court
Computer security

What was intended as a safeguard against abusive telemarketing is being twisted into a potentially far more sweeping restriction, raising serious First Amendment concerns for corporate communicators of people’s contact information. Colorado’s Prevention of Telemarketing Fraud Act’s (“PTFA”) listing provision (“Listing Provision”) threatens corporate sharing of cell phone numbers, regardless of whether these cellular phone numbers are already in the public domain. In just the past year, plaintiffs’ attorneys have filed almost 30 PTFA putative class actions, claiming that Coloradans’ cell phone numbers are presumptively private no matter how widely disseminated. In these shakedown suits, plaintiffs’ attorneys target companies for alleged knowing listing of “a cellular telephone number in a directory for a commercial purpose unless the person whose number has been listed has given affirmative consent[.]” Colo. Rev. Stat. Ann. § 6-1-304(4).

Continue Reading Beware Plaintiffs Threatening the First Amendment – Colorado PTFA Listing Provision Litigation Seeks to Muzzle Freedom of Speech
Asian businesswoman using smartphone in airport lounge

Since our last TCPA update, the biggest development was the Supreme Court’s ruling in McLaughlin Chiropractic Associates, Inc. v. McKesson Corp., which we wrote about here, which established that federal courts are not bound by the FCC’s interpretation of the TCPA.  In the wake of McLaughlin, courts and litigants alike have wrestled with how much deference (if any) to give to the FCC’s many regulations interpreting the TCPA, as parties are now free to challenge agency rulings that they believe are not in line with the law, and district courts can independently interpret the TCPA.  We summarize here the major developments since our last update, listed in alphabetical order by topic area.

Continue Reading TCPA Turnstile: Living in a Post-McLaughlin World (TCPA Update Vol. 21)

The recent announcement by the states of California, Colorado and Connecticut that they are working together to carry out a joint investigative sweep has raised eyebrows across the privacy world. Last week, California Attorney General Rob Bonta, the California Privacy Protection Agency (CPPA), and the attorneys general of Colorado and Connecticut announced that they are working together to investigate businesses that refuse to honor consumers’ right to opt out of the sale or sharing of their personal data. The sweep aims especially at companies that are not processing opt-out requests made via the Global Privacy Control tool (GPC), even though it is required by law in each of the three states involved.

Continue Reading Cross-State Regulatory Sweep Highlights Growing Legal Risk Around Consumer Data Opt-Outs

Faced with waves of consumer lawsuits targeting common website tools like browser cookies, tracking pixels, and live chat features, businesses are often frustrated by the outsized exposure posed by seemingly “no-injury” claims. (See, for example, last week’s post about CIPA claims.) The Ninth Circuit Court of Appeals recently provided some comfort by clarifying what a plaintiff must allege to show “concrete injury” as required for Article III standing. The court’s decision in Popa v. Microsoft Corp., No. 24-14, 2025 WL 2448824 (9th Cir. Aug. 26, 2025), strengthens defenses to online privacy claims—with broad application to other types of consumer claims as well—holding that standing requires more than just an alleged statutory violation.

Continue Reading Popa v. Microsoft Corporation, et al.: Ninth Circuit Clarifies Article III Standing Requirements and Strengthens Defenses to Internet Privacy and Other Consumer Claims

In a significant First Amendment ruling, the Fifth Circuit in Spectrum WT v. Wendler held that a drag show hosted by an LGBTQ+ student organization at West Texas A&M University qualifies as expressive conduct.  The decision underscores that drag performances, like other forms of artistic and political expression, can fall within the core protections of the First Amendment. 

Continue Reading Fifth Circuit Holds that Drag Show is Expressive Conduct Protected Under First Amendment
cybersecurity concept Global network security technology, business people protect personal information. Encryption with a padlock icon on the virtual interface.

When we speak to clients about online privacy issues, they almost always mention the CCPA – California’s Consumer Privacy Act that regulates the collection and use of personal data. But unless they have already faced a lawsuit, pre-suit demand, or arbitration demand, our clients rarely mention the other four-letter California statute that has been the source of significant litigation over the past few years.  And that’s CIPA – California’s Invasion of Privacy Act.

Continue Reading CIPA: The “Other” California Privacy Statute You Should Be Worried About

With its recent ruling in McLaughlin Chiropractic Associates, Inc. v. McKesson Corp., 606 U.S. ___ (2025), the U.S. Supreme Court has continued its trend of reining in the power of agencies and giving litigants more avenues to push back against administrative rulemaking.  This will have significant consequences in the context of statutes like the Telephone Consumer Protection Act (“TCPA”), which has steadily increased in scope over the years thanks to the Federal Communications Commission (“FCC”).  More generally, the Court’s decision in McLaughlin Chiropractic, paired with last year’s decision in Loper Bright Enterprises v. Raimondo, 144 S. Ct. 2244 (2024) (which we discussed here), raises significant questions about whether those FCC regulations carry any meaningful weight at this point.

Continue Reading SCOTUS Ruling Tips the Scales in Favor of District Courts, Not the FCC, When it Comes to Interpreting TCPA
Courthouse

On May 29, 2025, the New Jersey Court of Appeals reversed dismissal in Satz v. Starr, No. A-2785-23, 2025 WL 1522032 (N.J. Super. Ct. App. Div. May 29, 2025), holding that the plaintiff’s voluntary dismissal of his claims did not preclude the defendants from seeking counsel fees and costs under New Jersey’s anti-SLAPP law, the Uniform Public Expression Protection Act (UPEPA), N.J.S.A. 2A:53A-49. While precedent in New Jersey, this decision can be looked to as persuasive authority in other UPEPA jurisdictions that a plaintiff cannot avoid liability under UPEPA simply by voluntarily dismissing the complaint.

Continue Reading New Jersey SLAPPs Back: New Jersey Court of Appeals Eradicates Anti-SLAPP Loophole

California is a bellwether for privacy laws, which is why we’ve been watching carefully as recent events suggest that business-friendly interests may be gaining a foothold in what has historically been one of the most restrictive states in the country.  Since the landmark California Consumer Privacy Act (“CCPA”) went into effect in 2020, interest groups, regulators, and politicians have been battling to impact the future of the statute and related regulations.  Meanwhile, creative plaintiffs’ lawyers have turned their focus to the California Invasion of Privacy Act (“CIPA”) to argue that California’s eavesdropping statute also applies to online tracking technologies.  But recent developments related to both the CIPA and the CCPA may give businesses reason for hope.

Continue Reading Is California cooling to privacy law run amok?