Section 112020 of the “One Big Beautiful Bill Act” (OBBBA), House version, would expand the reach of the IRC § 4960 excise tax on compensation in excess of $1 million (equal to 21%, the...
Read this practice note discussing factoring transactions, the parties involved, and the reasons for factoring. This practice note specifically discusses the distinguishing features of advance and discount...
Land banking transactions are an alternative financing structure where the land banker (typically an investment group) purchases the land shortly before or soon after the homebuilder acquires it. The parties...
Don’t miss out on what’s trending in the deal market. Find out how dealmakers are navigating valuation uncertainties with increasingly nuanced adjustment provisions, from working capital metrics...
Check out this video discussing best practices for responding to FDA Form 483 inspectional observations. Watch now » Related Content Life Sciences FDA Matters Representation and Warranty Clause...
* The views expressed in externally authored materials linked or published on this site do not necessarily reflect the views of LexisNexis Legal & Professional.
By Kevin Hylton | LexisNexis Practical Guidance
In-house counsel are on the alert in 2023 for class action lawsuits that could be filed at any time related to how their company safeguards the data privacy of consumers.
“In the U.S., class actions are a popular enforcement mechanism to compensate consumers, including for alleged violations of state and federal privacy laws and data breaches,” says the International Association of Privacy Professionals blog.
The latest major salvo was fired in May, when Hearst Television was slapped with a proposed federal class action that alleges the media company knowingly and intentionally shared users’ personal information with third parties in order to fetch higher ad rates, according to Law360.
“In the last few years, we have seen countless class action lawsuits filed over data breaches in which information as sensitive as Social Security numbers was leaked, as well as over websites secretly sending users’ online activity to third parties, and companies unlawfully collecting fingerprints and other unique identifiers,” reported ClassAction.org. “We expect this trend only to grow in the future.”
Indeed, Corporate Counsel magazine named data privacy litigation as the number-one class action trend to watch in 2023.
“When people think of data privacy litigation, the example that most frequently comes to mind is a data breach, where cybercriminals gain access to individuals’ personal information and then use or disclose that information for their own financial gain,” said Kristin Bryan, a partner in the Data Privacy, Cybersecurity & Digital Assets Practice at Squire Patton Boggs. “But there are emerging avenues of privacy litigation coming from the plaintiffs bar. What we’re seeing now is they are often trying to reinvent data privacy laws that were enacted well before the internet and many other modern technologies had even come into existence.”
Bryan noted that in the last couple of years there has been a rise in data privacy class action lawsuits based on federal and state wiretap laws, against website operators in particular. These actions typically encompass claims related to the use of commonplace modern technologies, such as simple chatbots that are deployed to improve customer service.
“The Electronic Communications Privacy Act, which was enacted by the U.S. Congress back in 1986, long before the internet came into existence, was designed to extend restrictions on federal wiretapping and electronic eavesdropping,” said Bryan. “In addition to this federal law, many states have chosen to regulate in this area of wiretapping as well.”
Plaintiffs have begun filing data privacy class action lawsuits based on these wiretap statutes in federal and state courts nationwide — most notably in the states of California, Pennsylvania, Massachusetts, Florida and Illinois — by asserting that these laws extend to how businesses access internet communications.
“Another avenue we are seeing now is class actions targeting companies that use online video communications, based on something called the Federal Video Privacy Protection Act,” said Bryan. “There have been a number of these video privacy cases filed in recent years, with well over 100 coming over the past two years in jurisdictions across the country.”
Bryan notes that this law was enacted back in 1988 and was prompted by the actions of a video store clerk, who disclosed to media outlets a list of videotapes that had been rented by Judge Robert Bork over a period of time. Congress subsequently passed legislation to preserve the personal privacy of individuals with respect to the rental, purchase or delivery of video tapes — or similar audio/visual materials. The law, which created a private right of action, prevents any provider of such materials from disclosing personally identifiable information of a consumer unless an exemption applies.
This 35-year-old law has recently been dusted off by plaintiffs lawyers as a creative launching pad for a number of data privacy class actions.
“What makes this statute so attractive to the modern plaintiffs bar is that, in addition to having a private right of action, there are also liquidated statutory damages in the amount of $2,500 per violation, as well as possible punitive damages and attorneys’ fees,” said Ms. Bryan.
Bryan has obtained dismissals of numerous significant data privacy and cybersecurity litigations, in which plaintiffs collectively sought more than $280 billion in liquidated statutory damages for claims that her clients’ business practices violated federal and state privacy laws. She is a Lexis Practical Guidance contributor and a litigator with deep experience representing clients in complex bet-the-company data privacy, cybersecurity and data breach disputes in federal and state courts nationwide.
I had the privilege of interviewing Ms. Bryan on the latest episode of our “Practical Guidance: Data Privacy Series” podcast, where we invite experts to provide insights on timely data privacy and security issues facing legal practitioners. Listen now or download the episode regarding the rise in privacy class actions being brought under antiquated theories of liability, various state and federal wiretap and video privacy laws that are being relied upon by plaintiffs, and how courts are reacting to these causes of action.