Leveraging Knowledge to Manage Your Data Risks
On June 30, 2025, Block, Inc.—an electronic financial services company that operates Cash App—entered into a proposed settlement with customers regarding unsolicited text messages from the company. The dispute stemmed from a marketing campaign that allowed Cash App users to refer their contacts to use the application.
Cash App allowed users to click an “Invite…
On July 1, 2025, California Attorney General Rob Bonta announced a settlement with Healthline Media LLC stemming from alleged violations of the state’s consumer privacy law, the California Consumer Privacy Act (CCPA). According to the complaint, Healthline’s privacy practices failed to comply with several core CCPA requirements.
Opt-Out Mechanisms
Under the CCPA, California residents have…
On June 16, 2025, the Federal Trade Commission (FTC) issued FAQs that directly affect many automobile dealers, clarifying how its Safeguards Rule (the Rule), part of the FTC’s implementation of the Gramm-Leach-Bliley Act (GLBA), applies to the automotive sector. The Rule requires non-banking financial institutions to implement measures to protect customer information—and the FTC is…
On June 13, 2025, a federal court in the Northern District of California held that a putative Video Privacy Protection Act (VPPA) class action lawsuit belonged in arbitration, thanks to the defendant company’s arbitration clause.
If you’ve been following our blog, you’ve seen the rise in VPPA class action litigation against companies that provide video…
What do a global sportswear giant and a prestigious medical center have in common? Apparently, a shared struggle defending data breach lawsuits for breaches of sensitive personal information caused by third-party vendors.
This week, Adidas America and the University of Chicago Medical Center found themselves on the receiving end of data breach lawsuits. The plaintiffs…
New York Attorney General Letitia James and 13 other Attorneys General filed suit in October 2024 against TikTok “for misleading the public about the safety of its platform and harming young people’s mental health.” TikTok moved to dismiss the case and, on May 28, 2025, New York Supreme Court Judge Anar Rathod Patel denied the…
Video Privacy Protection Act (VPPA) class action lawsuits have been on the rise, and the owner of the The Onion, a popular satire site, finds itself the subject of a recent one. On May 16, 2025, a plaintiff-initiated litigation against Global Tetrahedron, LLC, the owner of The Onion, alleges that the defendant installed the Meta…
This post was co-authored by Summer Legal Intern Mark Abou Naoum. Mark is not admitted to practice law.
This week, the U.S. District Court for the Northern District of California ruled in favor of children’s clothing retailer Janie & Jack, which sought to enjoin over 2,400 individual arbitration claims resulting from alleged violations of the…
A new wave of state consumer privacy laws focused on limiting data collection is creating anxiety among businesses—and Maryland is leading the charge. The Maryland Online Data Privacy Act (MODPA), set to take effect in October 2025, requires companies to collect only data that is “reasonably necessary and proportionate” to their stated purposes. However, with…
U.S. companies are running out of time to comply with a sweeping new Department of Justice (DOJ) rule that limits sharing sensitive personal data with certain foreign countries—including China, Russia, and Iran. With a hard compliance deadline of July 8, 2025, businesses must act quickly to avoid steep civil or criminal penalties.
The rule…
