Enforcement + Litigation

Subscribe to Enforcement + Litigation via RSS

A new California trial court decision offers website operators some long-awaited relief in the ongoing wave of website privacy suits under the California Invasion of Privacy Act (CIPA). In early December, the Los Angeles County Superior Court, rejected an increasingly common theory that routine website analytics and tracking tools function as illegal “pen registers” or “trap

Enforcement of California’s Delete Act is accelerating. The California Privacy Protection Agency (CPPA) recently sent a clear message to data brokers: register, pay the required fee, and be prepared to defend your data practices, especially when they involve sensitive populations.

CPPA announced recent settlements with two data brokers totaling more than $100,000 for failing to

Happy New Year! 2025 was a busy year for the Insider authors—we published 271 posts throughout 2025. To kick-off 2026, in case you missed them last year, we are providing the articles from 2025 that were the most interesting to our readers across various categories.

We hope you enjoy them and look forward to another

California’s strict privacy laws, particularly the California Invasion of Privacy Act (CIPA), are fueling a surge in class action lawsuits against major companies over their use of online tracking technologies. In recent weeks, prominent brands including Estée Lauder, Nike, and Luxottica have been hit with proposed class actions in the Northern District of California, all

On January 1, 2026, broad new privacy laws will take effect in Kentucky, Indiana, and Rhode Island, granting consumers in those states greater control over their personal data. With these additions, 19 states now have comprehensive privacy laws in place, which is a significant shift in the data privacy landscape since California led the way in 2018 with the

December 2025 saw India’s courts in New Delhi and Mumbai tackle a new breed of lawsuits: leading Indian cinema celebrities fighting back against unauthorized deepfakes and AI-generated impersonations. Nandamuri Taraka Rama Rao (NTR Jr.), R. Madhavan, and Shilpa Shetty—all famous Indian actors—filed and won powerful court orders aimed at blocking the spread of synthetic images

The recent decision in Wiley v. Universal Music Group highlights how courts are scrutinizing website operators’ privacy controls and representations, particularly regarding cookie banners and opt-out tools. 2025 WL 3654085 (N.D. Cal. Dec. 17, 2025). In a recent decision, although Universal Music Group (UMG) dodged most of the putative class claims over its handling of

Overview of Commonwealth v. Kurtz

On December 16, 2025, the Pennsylvania Supreme Court held that individuals do not have a reasonable expectation of privacy in general, unprotected Google search records. Commonwealth v. Kurtz, No. 98 MAP 2023 (Pa. Dec. 16, 2025). In this criminal case, law enforcement obtained a so-called “reverse keyword search warrant” from

Last week, Massachusetts’ Supreme Judicial Court delved into a case with potentially national implications: should Meta platforms face a lawsuit alleging that Instagram’s design illegally hooks kids with addictive features?

The justices appeared divided as they questioned whether Meta’s practices are protected by Section 230 of the Communications Decency Act, the law that shields online

On November 6, 2025, Texas reached a settlement regarding Senate Bill 140 (SB 140), which set forth amendments to the “state’s mini-TCPA” (Chapters 301-305 of the state’s Business and Commerce Code). In a joint motion to dismiss, the state clarified that businesses who only send marketing texts to users who have opted in need not