Recognizing that different levels of culpability warrant different annual civil penalty limits, the Department of Health and Human Services adopted a notification April 23, 2019, to be published in the Federal Register April 30, 2019, that reduces the majority of the caps on annual civil penalties. See 45 C.F.R. Part. 160. Continue Reading HIPAA Civil Penalty Annual Limits Plummet
One of the most common things we discuss with clients is the need to ensure that privacy policies accurately reflect the actual procedures in place for handling confidential information. The SEC reiterated that point last week in a Risk Alert that encouraged SEC-registered companies to review their written policies and procedures to ensure adequate implementation and compliance with the law. In the Risk Alert, the Office of Compliance Inspections and Examinations (“OCIE”) published a list of issues under Regulation S-P (the privacy rule) it has seen in the context of exams. Continue Reading SEC: Practice What You Preach on Privacy
Although there have not been any groundbreaking cases to start the new year, 2019 is off to a good start for the TCPA defense bar. Several courts have denied class certification in putative TCPA class actions while other courts have granted dismissal or summary judgment for the defendants. Below are the most notable cases for this review period. The decisions are listed by issue category in alphabetical order.
No Actual Harm Necessary to Assert Biometric Privacy Claims in Illinois
Today the Illinois Supreme Court held that an individual does not need to allege actual harm in order to seek liquidated damages and injunctive relief under the Illinois Biometric Information Privacy Act (BIPA or the Act) 740 ILCS 14/1 et seq. In Rosenbach v. Six Flags Entertainment Corp., the Court unanimously found that a plaintiff need only allege a technical violation of BIPA in order to be sufficiently “aggrieved” under the Act. The Court’s holding today is likely to embolden potential plaintiffs and increase the already considerable number of BIPA-related cases throughout Illinois and the country. Continue Reading BIPA ALERT: An Opening of the Litigation Floodgates?
As we head into 2019, there are plenty of reasons for optimism in the TCPA defense bar. Courts nationwide have continued to interpret the ACA v. FCC ruling favorably to defendants at both the motion to dismiss and summary judgment stages, and there have been other positive TCPA decisions during the past month as well. But unfortunately, it is not all good news. At least three courts have certified TCPA class actions in the past month. Although the facts of each case are obviously critical to assessing the propriety of class certification, we always prefer to see class certification denied in these sorts of cases. Below are the most notable cases for this review period. The decisions are listed by issue category in alphabetical order. Continue Reading TCPA Case Law Review (Vol. 7)
As 2018 comes to a close, there is no sign that the development of TCPA case law will be slowing any time soon. Since our last report in October, we have reviewed at least 75 new decisions discussing the TCPA in one way or another. Some cases, like Carlton & Harris Chiropractic, Inc. v. PDR Network, LLC (which we discussed last week), make bigger news than others. But it’s important to keep tabs on the full TCPA litigation landscape to understand what patterns are emerging and what arguments are winning. Below are the most notable cases for this review period. The decisions are listed by issue category in alphabetical order. Continue Reading TCPA Case Law Review (Vol. 6)
As we speed past Thanksgiving and enter the holiday season, kids shouldn’t be the only ones putting together their wish lists. Here are some things that might not fit under a tree, but would certainly fill us with the joy of the season.
It has now been more than four months since the GDPR was enacted, leaving corporations around the world grappling with the implications. Bryan Clark recently offered some insights in Digital Journal’s “Q&A: Analyzing GDPR’s Impact So Far,” where he discussed the impact of GDPR on people and companies operating outside of Europe, similar privacy laws that may impact the U.S., how businesses can prepare for new privacy laws, and the impact on consumers. Continue Reading In the News: Media & Privacy Risk Report Editors Blaine Kimrey and Bryan Clark Discuss GDPR in <i>AdExchanger</i> and <i>Digital Journal</i>
Since our last TCPA update at the end of August, the biggest news has obviously been the Marks v. Crunch case – you can read our thoughts on that case here. But that was not the only meaningful case decided in the last month or so. Decisions continue to roll in on critical issues such as class certification, the definition of an ATDS, and the viability of negotiated settlements. Below are the most notable cases for this review period. The decisions are listed by issue category in alphabetical order.
Ever since the D.C. Circuit’s ruling six months ago in ACA Int’l v. FCC, 885 F.3d 687 (D.C. Cir. 2018), which invalidated the FCC’s interpretation of an Automatic Telephone Dialing System (“ATDS”), a consensus had been growing. Led by the Third Circuit in Dominguez v. Yahoo, Inc., 894 F.3d 116 (3d Cir. 2018), many courts nationwide have found that the ACA opinion invalidates all of the FCC’s previous ATDS definitions and stands for the proposition that an ATDS is a system that uses a random or sequential number generator. But because things can never be that easy in the TCPA space, the Ninth Circuit created a circuit split last week with its decision in Marks v. Crunch San Diego, LLC, 2018 U.S. App. LEXIS 26883 (9th Cir. Sept. 20, 2018).