Enforcement + Litigation

Mobile health apps are growing in popularity and their number is increasing every year. Many of us find it convenient to use an app to schedule medical appointments, check medical records, track and store health data, and check symptoms. App developers have always needed to be mindful of protecting the privacy of the information that

This is the time of year for thought pieces reflecting on the past year or so to speculate on the hot topics for next year. I began to wonder about California Consumer Privacy Act (CCPA) enforcement actions over the past year as this was something that we speculated about not that long ago. The California

A professional accounting firm in Illinois received an unwanted holiday “gift” in the form of a class action complaint stemming from its alleged failure to secure personally identifiable information (PII) and to timely notify affected parties of a data breach.

On December 17, 2021, a lawsuit was filed against Bansley & Kierner, LLP, which offers

The U.S. District Court for the Northern District of Illinois denied a motion to dismiss a class action for allegations that GrubHub, Inc. violated the Telephone Consumer Protection Act (TCPA). The plaintiff alleged that she received a series of robocalls from GrubHub, even though she asked to be put on the do-not-call list more than

A federal District Court judge in Illinois sided with the U.S. Department of Labor (DOL) in ordering Alight Solutions, LLC, an ERISA plan services provider, to comply with an administrative subpoena seeking documents pertaining to alleged cybersecurity breaches. The Court’s order in the case, Walsh v. Alight Solutions, LLC, Dkt. # 20-cv-02138 (N.D. Ill.), is

An apparent email snafu has led to the filing of a putative class action against the Phoenix Children’s Hospital. The allegations stem from an email that was allegedly sent out to 368 people that outlined the protocols for employees with approved COVID-19 vaccine exemptions. The email set forth the protocols related to accommodations for such

The Federal Trade Commission released a new enforcement policy statement on October 28, 2021, targeting the practice known as “Negative Option Marketing.” Negative Option Marketing is the practice of taking consumers’ silence as tacit consent in various circumstances, including automatic subscription renewals and free-trial marketing. In the statement, the FTC outlined four general requirements for

Automotive data and software company CDK Global LLC (CDK),  filed suit in 2019 against the Arizona Attorney General in the U.S. District Court for the District of Arizona seeking an injunction against a new law from taking effect.

The new law increased privacy protections for consumers whose data are collected by car dealers and prevents