GDPROrganizations which fail to implement appropriate technical and organizational security measures to protect personal data and suffer personal data breaches as a result, increasingly may find themselves facing the double whammy of both enforcement action by the UK Information Commissioner’s Office (ICO), (which can include significant financial penalties) and potentially also group-style legal actions brought by data subjects.

British Airways, which suffered a cyber incident that is believed to have started in June 2018 and led to a personal data breach involving almost 500,000 of its customers, has found itself on the receiving end of such an action.Continue Reading UK Group-Style Data Breach Actions Continue

A federal judge in Oregon, Hon. Michael H. Simon, has recently upheld a $925 million statutory damages award against health supplement maker ViSalus for its violation of the Telephone Consumer Protection Act (“TCPA”)—making this the largest TCPA damages award to date.

The underlying class action against ViSalus alleged the company placed nearly 2 million unsolicited robocalls nationwide to advertise its weight-loss and dietary products.  The class argued that the robocalls constituted unlawful telemarketing practices and violated the TCPA, and after a three-day trial in April of 2019, a jury agreed.
Continue Reading $925M TCPA Robocall Award Upheld

CCPARecent class action complaints against Zoom Video Communications, Inc. (“Zoom”) are interesting examples of the new risks posed by the California Consumer Privacy Act (“CCPA”) which took effect on January 1. While formal enforcement by the California Attorney General will not begin until July 1, the CCPA’s private right of action allows individuals to bring suits before July. Although the text of the CCPA’s private right of action would lead a reader to believe that the private right of action is limited to suits alleging a breach of personal information, apparently some plaintiffs are not shying away from attempting to use the CCPA to support other litigation.  How the California courts handle such lawsuits will be instructive to businesses who collect personal information from California residents.
Continue Reading Zoom Faces Class Action Complaints Alleging CCPA Violations