Photo of Bryan K. Clark

Back in July, we shared some good news out of California when a state court judge ruled that the newest regulations under the California Consumer Privacy Act (“CCPA”) could not be enforced until March 2024.  But last week, the agency charged with enforcing the CCPA – the California Privacy Protection Agency (with the confusingly similar abbreviation of the “CPPA”) – won reversal of that opinion on appeal.  The ruling now gives the CPPA the authority to begin enforcing immediately the regulations that it enacted in March 2023.Continue Reading Delay Lifted in CCPA Regulations Enforcement

Just over halfway through 2023, nationwide TCPA jurisprudence is focused on further delineating the scope of the TCPA. As the dust settles from earlier battles over defining ATDS requirements, the cases from this year are largely aimed at establishing who can bring a claim under the TCPA and what conduct the statute covers. We summarize here developments since our last update, listed in alphabetical order by topic area.Continue Reading TCPA Turnstile: Scoping out the TCPA – 2023 Midyear Update (TCPA Case Update Vol. 18)

Companies that have been wrestling with exactly how to comply with the latest regulations under the California Consumer Privacy Act (“CCPA”) can breathe a sigh of relief after a California state court judge ruled last week that the newest regulations cannot be enforced until March 2024.  If you’re familiar with the changes to the CCPA, you know that regulators were supposed to have the accompanying regulations in place by July 2022, but failed to do so – in fact, the regulations were not final until March 29, 2023, nearly three months after the statutory effective date of January 1, 2023.  The California Privacy Protection Agency (“CPPA”) voluntarily extended the enforcement deadline to July 1, 2023, but even then, many companies were left scrambling until last Friday, when Judge James Arguelles of the Superior Court of California in Sacramento County entered an injunction barring enforcement of the regulations until March 2024.Continue Reading A Welcome Delay in CCPA Regulations Enforcement

As 2022 comes to a close, we wanted to look back at the most significant Telephone Consumer Protection Act, 47 U.S.C. § 227 (“TCPA”) decisions of the year.  While we didn’t see the types of landscape-altering decisions that we saw in 2021, there’s still plenty to take note of.  We summarize here the biggest developments since our last update, listed by issue category in alphabetical order.
Continue Reading TCPA Turnstile: 2022 Year in Review (TCPA Case Update Vol. 17)

Much ink has been spilled over the Executive Order Enhancing Safeguards for United States Signals Intelligence Activities (the “Executive Order”) signed by President Biden in early October.  The Executive Order is supposed to establish the United States’ commitments reflected in the March 25, 2022 joint EU-U.S. announcement of the Trans-Atlantic Data Privacy Framework (the “Framework”).  While the Framework is described as an “agreement in principle” to facilitate cross-border transfer of personal data, the Executive Order is supposed to go further, toward actually implementing the promised protective measures.  But does it?
Continue Reading Does the Latest Move in Trans-Atlantic Privacy Really Change the Game?

Bell and gavel

One of the best ways for companies facing media and privacy risk to protect themselves from expensive class action litigation is by including an arbitration provision in the applicable terms and conditions. While it’s not always clear at the outset of litigation whether the plaintiff agreed to the terms, companies often have to invoke arbitration quickly out of fear that they will be found to have waived arbitration. But in its coming term, the U.S. Supreme Court is now poised to address the critical point of whether prejudice to the plaintiff is a necessary element for a finding of waiver.
Continue Reading Supreme Court to address role of “prejudice” in evaluating waiver of arbitrability

Phone and gavelThanks to the Supreme Court’s decision in Facebook v. Duguid, 141 S. Ct. 1163 (2021), 2021 will go down as one of the most significant years in the history of the Telephone Consumer Protection Act, 47 U.S.C. § 227 (“TCPA”).  And while the second half of 2021 did not produce the fireworks that we saw earlier in the year, there are still some cases worthy of note as we enter the new year.  We summarize here developments since our last update, listed by issue category in alphabetical order.
Continue Reading TCPA Turnstile: 2021 came in like a lion, and went out more like a lamb for TCPA law (TCPA Case Update Vol. 16)

Phone and gavelThe first half of 2021 saw one of the most significant TCPA rulings in many years as Facebook v. Duguid, 141 S. Ct. 1163 (2021), appeared to settle the long-debated question of what constitutes an automatic telephone dialing system (“ATDS”).  But while the Supreme Court’s April ruling was extremely positive for the TCPA defense bar, it by no means brought an end to TCPA claims.  Significant cases have continued to yield decisions, including cases that have sought to interpret Facebook.  And the state of Florida stepped into the abyss in passing a “mini-TCPA” statute that went into effect earlier this month that regulates telemarketing at the state level, with a much broader definition of the relevant technology.  Thus, the TCPA (and related statute) litigation landscape, while upended to some degree, remains unsettled, and we’ll continue to provide our insights.  We summarize here developments since our last update, listed by issue category in alphabetical order.
Continue Reading TCPA Turnstile: TCPA cases in a post-Facebook world (TCPA Case Update Vol. 15)

The European Union’s General Data Protection Regulation (“GDPR”) is well known as the toughest privacy and security law in the world, as it has a wide reach and imposes heavy fines against those who violate its privacy and security standards (which are quite broad). The impact of the GDPR has already been felt in the United States since it went into effect in 2018, and now U.S. lawmakers in numerous states are moving to enact similar legislations. The California Consumer Protection Act (“CCPA”) was the first instance of the GDPR’s impact in the United States, as California put in place a statute and regulations that mirrored the GDPR in several respects. Now Virginia has set in motion what could be a year-long string of states enacting similar legislation. In particular, Washington and New York have proposed legislation following the framework of the CCPA. This article will compare the CCPA to the newly enacted and proposed privacy laws in the United States.
Continue Reading GDPR in the USA? New State Legislation Is Making This Closer to Reality

Phone and gavelOne of the few things that hasn’t changed significantly since our last TCPA update is, well, the TCPA. We have a new year, a new President and multiple new COVID vaccines.  And after the December oral argument in Facebook v. Duguid before the Supreme Court, 2021 could be the year when we receive clarity on the critical TCPA question of what constitutes an automatic telephone dialing system (“ATDS”).  Indeed, the argument seemed positive for the TCPA defense bar, with Justices Alito and Thomas chafing at the anachronistic nature of the statute and Justices Sotomayor and Gorsuch expressing concerns about the idea that every cellphone user could be subject to civil liability.  But for now, the TCPA litigation landscape remains the same bizarre, often inconsistent quagmire that it always has been.  We’ll continue to be your guide through the morass, and we summarize here developments since our last update, listed by issue category in alphabetical order.
Continue Reading TCPA Turnstile: New Year, Same TCPA – For Now (TCPA Case Update Vol. 14)