On December 9, 2020, the Wall Street Journal reported that Apple and Google will block the data broker X-Mode Social Inc. (“X-Mode”) from collecting location data from iPhone and Android users. Apple and Google have reportedly informed app developers to remove the X-Mode social tracking SDK from all of their apps within a short period … Continue Reading
Last week, a putative privacy-related class action was filed in California district court against financial analytics firm Envestnet, Inc. (“Envestnet”), which operates Yodlee, Inc. (“Yodlee”). (Wesch v. Yodlee Inc., No. 20-05991 (N.D. Cal. filed Aug. 25, 2020)). According to the complaint, Yodlee is one of the largest financial data aggregators in the world and through … Continue Reading
This past week, the operator of the popular Weather Channel (“TWC”) mobile phone app entered into a Stipulation of Settlement with the Los Angeles City Attorney, Mike Feuer (“City Attorney”), closing the books on one of the first litigations to focus on the collection of locational data through mobile phones. (People v. TWC Product and … Continue Reading
Late last month, the French data protection authority, the CNIL, published guidance surrounding considerations behind what it calls “commercial prospecting,” meaning scraping publicly available website data to obtain individuals’ contact info for purposes of selling such data to third parties for direct marketing purposes. The guidance is noteworthy in two respects. First, it speaks to … Continue Reading
While Washington’s comprehensive data privacy bill (SB 6181) — inspired by California’s CCPA — died when legislators could not hammer out a compromise over enforcement mechanisms, the state legislature did reach agreement and Gov. Jay Inslee signed into law a facial recognition bill (SB 6280) that provides some important privacy and antidiscrimination provisions regarding state … Continue Reading
An interesting New York Times article last week posited that governments’ use of digital surveillance techniques for the COVID-19 response – such as the tracking of geolocation to gauge quarantine restrictions – would lead to more pervasive digital tracking in the future. On a related note, there have been reports of an increased use of … Continue Reading
In continuing its push to enforce its terms and policies against developers that engage in unauthorized collection or scraping of user data, Facebook brought suit last month against mobile marketing and data analytics firm OneAudience LLC. (Facebook, Inc. v. OneAudience LLC, No. 20-01461 (N.D. Cal. Complaint filed Feb. 27, 2020)). Facebook alleges that OneAudience harvested … Continue Reading
UPDATE: On February 28, 2020, the FCC proposed over $200M in fines against the wireless carriers. On January 31st, FCC Chairman Ajit Pai transmitted a letter in response to a prior inquiry from a number of House members regarding the status of the Commission’s investigation into reports that the major wireless carriers were allegedly … Continue Reading
Last week, Democratic Senators Ron Wyden and Sherrod Brown and Congresswoman Anna Eshoo sent a letter to FTC Chairman Joseph J. Simons urging the agency to investigate whether analytics firm Envestnet, Inc. (which operates Yodlee) was violating the FTC Act. According to the letter, Yodlee is the largest consumer financial data aggregator in the United … Continue Reading
It is that time of year when we look back to see what tech-law issues took up most of our time this year and look ahead to see what the emerging issues are for 2020. Data: The Issues of the Year Data presented a wide variety of challenging legal issues in 2019. Data is solidly … Continue Reading
The Georgia Supreme Court ruled that the retrieval of electronic automobile data from an electronic data recording device (e.g., airbag control modules) without a warrant at the scene of a fatal collision was a search and seizure that implicates the Fourth Amendment, regardless of any reasonable expectations of privacy. (Mobley v. State, No. S18G1546 (Ga. … Continue Reading
This week, the FTC entered into a proposed settlement with Unrollme Inc. (“Unrollme”), a free personal email management service that offers to assist consumers in managing the flood of subscription emails in their inboxes. The FTC alleged that Unrollme made certain deceptive statements to consumers, who may have had privacy concerns, to persuade them to … Continue Reading
In an important opinion, the Ninth Circuit affirmed a lower court’s ruling that plaintiffs in the ongoing Facebook biometric privacy class action have alleged a concrete injury-in-fact to confer Article III standing and that the class was properly certified. (Patel v. Facebook, Inc., No. 18-15982 (9th Cir. Aug. 8, 2019)). Given the California district court’s … Continue Reading
Today, the Georgia Supreme Court is set to hear oral argument in an appeal brought by a defendant convicted of vehicular homicide and other charges related to a fatal car crash. (Mobley v. State, No. S18C1546). The defendant is appealing the lower court’s order that denied his motion to suppress evidence that was downloaded and … Continue Reading
UPDATE: Both bills failed to be reported out of committee by March 28, 2019 and were not debated during this year’s legislative session. In the wake of the Illinois Supreme Court decision that held that claimants need only allege a procedural violation to have standing to bring an action under the Illinois Biometric Information Privacy … Continue Reading
Senators Brian Schatz (D) and Roy Blunt (R) recently introduced S.847, the “Commercial Facial Recognition Privacy Act of 2019,” a bill that would, subject to certain important exceptions, generally prohibit the commercial use of facial recognition technology to identify and track consumers without consent. The bill, as drafted would place limitations on the third-party sharing … Continue Reading
UPDATE: Subsequent to the introduction of the New York City Council biometric privacy bill, on March 5, 2019 members of the Florida legislature introduced the “Florida Biometric Information Privacy Act” (SB 1270). The statute generally follows the Illinois Biometric Information Privacy Act (BIPA) regarding notice and consent requirements and notably provides for a private right … Continue Reading
Last Friday, the Illinois Supreme Court ruled in the long-awaited Rosenbach case that an individual does not have to plead an actual injury or harm, apart from the statutory violation itself, in order to have statutory standing to sue under the Illinois Biometric Information Privacy Act (BIPA). The Illinois Supreme Court ruling will allow procedural … Continue Reading
In a long-awaited decision, the Illinois Supreme Court issued its ruling in Rosenbach v. Six Flags Entertainment Corp., 2019 IL 123186 (Ill. Jan. 25, 2019), on whether a person “aggrieved” by a violation of the Illinois Biometric Information Privacy Act (“BIPA”) must allege some actual injury or harm beyond a procedural violation to have standing … Continue Reading
Yesterday, Los Angeles City Attorney Mike Feuer filed an unfair competition lawsuit on behalf of the People of the State of California against the operator of the popular Weather Channel app (“TWC app”) for allegedly failing to conspicuously disclose to users that the TWC app collects and shares users’ mobile geolocation data. (People v. TWC … Continue Reading
Yes, it’s time for the end-of-year blog post – a look back at interesting issues of 2018 and a look forward to what we see coming down the pike in the new year. The Look Back In the past year, blockchain buzz was everywhere. Although still early, blockchain has in fact began to show promise … Continue Reading
This post discusses some of the contractual requirements imposed by Apple and Google regarding the collection and sharing of locational information. What consents, if any, do Apple and Google require that app publishers obtain before collecting and using locational information? This is a question that is being asked with increasing frequency. In fact, a regular … Continue Reading
On November 20, 2018, the Illinois Supreme Court heard oral argument on whether a company’s technical violation of the Illinois Biometric Information Privacy Act (“BIPA”) is sufficient to confer standing or whether a plaintiff must allege actual harm resulted from the violation. (Rosenbach v. Six Flags Entertainment Corp. et al., No. 123186) (prior decision). The Court’s … Continue Reading
Last December, we noted the continuing robust wave of Illinois biometric privacy suits. At that time, dozens of suits had been filed in Illinois state court against Illinois-based employers and other businesses alleging violation of Illinois’s Biometric Information Privacy Act (BIPA), which generally regulates the collection, retention, and disclosure of personal biometric identifiers and biometric … Continue Reading