USA LAW AND PRACTICE Contributed by: Nancy Libin, David Rice, Spencer Persson, Michael Borgia, Robert Stankey, Kara Trowell and Alexander Sisto, Davis Wright Tremaine LLP
Biometrics More than 2,000 cases have been litigated under the Illinois BIPA. Challenges to “fingerprint” timekeeping systems, facial or voice recognition authentication systems, and in-store security systems have been subject to multiple assert - ed claims, some resulting in “ruinous” damage awards prompting significant legislative amend - ments to BIPA in 2024. The Texas State Attorney General has brought and settled multiple claims against online plat - forms under CUBI for alleged unconsented use and processing of biometric data and unauthor - ised disclosures. Children’s Privacy Laws Social media and technology companies have worked together to challenge, on First Amend - ment grounds, state laws designed to restrict the use of algorithms to deliver content to minors, obtaining injunctions in some instances to delay implementation and enforcement. The cases are still developing, with litigation continuing and some states choosing to modify the statutes in a manner more likely to survive legal challenges. Consumer data breach class actions continue to cause companies headaches long after the inci - dent has passed. While defendants have some success at the pleading stage and in defeating motions for class certification, the settlement value of cases involving statutory damages under statutes such as the CCPA has climbed higher, with plaintiffs typically insisting on non- reversionary funds with cash awards to persons covered by the statutory claims. Plaintiffs have been willing to hold out for greater settlements based in large part on the reluctance of defend - ants to litigate these matters, especially where 2.2 Recent Case Law Data Breach Litigation
they have insurance coverage. Moreover, plain - tiffs’ recent success in obtaining favourable class certification orders over the past year has further increased the value of these cases, even if those orders were not as broad as plaintiffs requested. VPPA Litigation Websites of all sorts that link to video content and use third-party vendors to assist with web - site operations or analytics continue to find themselves in litigation, facing allegations that they have violated the VPPA. Like the claims under CIPA, these VPPA claims assert that web - sites that link to video content and share cer - tain information with business partners (usually by “pixels”) violate the VPPA. Companies had enjoyed some amount of success in obtaining dismissals at the pleading stage, but the US Court of Appeals for the Second Circuit’s broad definition of what constitutes a “consumer” and “subscriber” under the statute will ensure that the filings continue. Internet Privacy Litigation The US Court of Appeals for the Sixth Circuit overturned an FCC reclassification of internet access service as a “telecommunications” ser - vice that would have subjected internet service providers (ISPs) to potentially expansive privacy rules, drastically limiting their collection, use and processing of internet users’ data. 2.3 Collective Redress Mechanisms The USA has always been the legal standard bearer in allowing collective or class actions, and that continues to be true in ongoing privacy liti - gation matters. Attorneys representing consum - ers have added another arrow to their quiver in bringing privacy claims over the past few years, turning mandatory arbitration provisions and class action waivers contained in the compa -
537 CHAMBERS.COM
Powered by FlippingBook