Following up on our post of January 22, 2020 (“Big News in Biometrics – Supreme Court Declines to Weigh in on What Plaintiffs Must Show to Bring Biometric Privacy Suit”), Facebook has now agreed to pay $550 million to settle the BIPA class action lawsuit.  This is the largest BIPA settlement ever, and it will

The National Institute of Standards and Technology (NIST) released version 1.0 of its Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, which follows the structure of the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework).  The Privacy Framework acknowledges that failure to manage privacy risks can have direct adverse

One notable difference between the California Consumer Privacy Act (CCPA) and Europe’s General Data Privacy Regulation (GDPR) is that only the latter provides the right for individuals to not be subjected to automated decision-making, including profiling, which has legal or other significant effects on that individual.

But, the CCPA still creates issues for covered entities

On January 21, 2020, the Supreme Court denied Facebook’s Petition for Certiorari, raising the issues of (i) Whether a court can find Article III standing based on its conclusion that a state protects a concrete interest, without determining that the plaintiff suffered a personal, real-world injury from the alleged statutory violation; (ii) whether a court