On April 29, 2026, the United States Supreme Court issued a unanimous opinion in First Choice Women’s Resource Centers, Inc. v. Davenport, where it held that a nonprofit suffered an injury to its First Amendment right of association when it was subpoenaed by a state attorney general to produce donor information, including donor identities.1 Justice Gorsuch, writing for the Court, held that the nonprofit petitioner could challenge the subpoena in federal court without first waiting for a state court to compel compliance.
Continue Reading Supreme Court Reinforces Donor Privacy Protections, Permitting Immediate Federal Court Challenge to State SubpoenaThe White House Legislative Recommendations: National Policy Framework for Artificial Intelligence and Federal Preemption of State AI Laws
On March 20, 2026, the White House released its National Policy Framework for Artificial Intelligence (“Framework”), outlining legislative recommendations for Congress to establish a unified federal approach to AI regulation. The Framework builds on prior executive actions, including the December 2025 Executive Order (the “Executive Order”) and the Trump administration’s “America’s AI Action Plan,” and it proposes that Congress adopt legislation broadly preempting state AI laws deemed to impose “undue burdens.” This alert summarizes the Framework’s key provisions, analyzes their potential impact on state laws, and highlights considerations for healthcare and life sciences stakeholders navigating the evolving regulatory landscape. While the Framework does not itself change the current legal status of the Executive Order, it signals increased policy focus and may prompt further agency action.
Continue Reading The White House Legislative Recommendations: National Policy Framework for Artificial Intelligence and Federal Preemption of State AI Laws
Supreme Court to Consider the Video Privacy Protection Act
Last week, the U.S. Supreme Court agreed to hear a case that is expected to resolve a long-developing split among federal courts of appeals over the scope of the Video Privacy Protection Act of 1988 (“VPPA”), 18 U.S.C. § 2710. In granting certiorari in Salazar v. Paramount Global, the Court will address a question that has increasingly shaped VPPA class action litigation in recent years: who qualifies as a “consumer” protected by the statute.
Continue Reading Supreme Court to Consider the Video Privacy Protection ActPixel Litigation Risk at Financial Institutions
An increasingly aggressive plaintiffs’ bar has brought purported class action suits based on the nearly ubiquitous use of tracking technologies used for website analytics. Although any actual harm to the plaintiffs is difficult to articulate, the health care industry has been plagued by a series of these cases. Now the plaintiffs may be moving to financial services with the potential for statutory penalties of hundreds of dollars per user when a duty of confidentiality can be credibly implicated.
The tracking tags, pixels and similar website analytics technologies are nothing new. Rather, the technologies at issue in such complaints are widely used on websites and mobile applications across industries, including by government entities, to collect information about user behaviors and interactions with the online platform where they are embedded. That information is then sent to a third party for analytics used to enhance user experience on the platform. Many of these technologies are integral to an organization’s ability to ensure its websites and applications are functioning properly, among other things providing crash reports when users encounter issues. Additionally, many consumer-facing businesses contract with third parties to provide session replay scripts, a software that monitors and records web-user activity such as keystrokes, clicks, and scrolling. Despite the pervasiveness of these technologies, plaintiffs have seized on ambiguities in the California state wiretap act, known as the California Information Privacy Act, as well as federal wiretap law as the basis for exceptionally large damage demands.
Continue Reading Pixel Litigation Risk at Financial InstitutionsFalse Claims Act Insights: Key Takeaways from DOJ’s Fiscal Year 2024 Cases & Recoveries
The U.S. Department of Justice (DOJ) announced last Wednesday that settlements and judgments under the False Claims Act (FCA) exceeded $2.9 billion in fiscal year 2024—up approximately 5% from last year. DOJ’s announcement underscores its commitment to FCA enforcement, particularly in the healthcare industry and now with increased activity in the areas of pandemic
Unwrapping 2024’s Key Trends in Data Privacy Litigation
Data breaches made headlines throughout 2024, affecting governments, health care groups, and telecoms. Follow-on litigation has kept pace. Nearly 4,000 class actions involving data privacy issues are estimated to be filed in federal courts by the end of this year.
Growth in litigation meant that 2024 saw legal developments in several areas including standing to sue and web video suits. Increased attention on cybersecurity and privacy incidents unsurprisingly corresponded with active SEC enforcement and derivative suits related to inadequate data security.
Continue Reading Unwrapping 2024’s Key Trends in Data Privacy LitigationR&G Tech Studio Presents: Managing Principal and Global Head of Advanced E-Discovery and A.I. Strategy Shannon Capone Kirk
On this episode of the R&G Tech Studio podcast, managing principal and global head of advanced E-Discovery and A.I. strategy Shannon Capone Kirk sits down with data, privacy & cybersecurity partner Fran Faircloth to discuss how new and ever-evolving technology is impacting her clients, particularly generative AI, and the challenges that arise in litigation and
DoorDash and California Attorney General Reach Settlement Over Privacy Allegations
Following up on announcements of sweeps from late January, last week California Attorney General Rob Bonta announced a settlement with the popular food delivery service DoorDash related to allegations that DoorDash breached the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA). The announcement doubles down on the Attorney General’s reiteration that privacy will continue to be priority for his office, while the new California Privacy Protection Agency (CPPA) is getting up to speed.
Continue Reading DoorDash and California Attorney General Reach Settlement Over Privacy AllegationsDashing Through 2023’s Privacy Litigation Trends
Looking back on 2023, the trend of privacy-based class actions has only increased, and it doesn’t seem poised to halt or even slow down in the new year. Businesses are feeling acutely the threat of future litigation. At the end of 2022, the hundreds of cross-industry respondents to the Annual Litigation Trends Survey cited cybersecurity, data protection, and data privacy as the second-highest ranked area of future concern for class actions, and their concerns turned out to be justified. From peeved Pixel plaintiffs to data breach defendants, class actions abounded this year.
Continue Reading Dashing Through 2023’s Privacy Litigation TrendsR&G Tech Studio Presents: Litigation & Enforcement Partner Ama Adams
On this episode of the R&G Tech Studio, litigation & enforcement partner Ama Adams, who’s also the managing partner of Ropes & Gray’s Washington, D.C. office, sits down with data, privacy & cybersecurity partner Fran Faircloth to discuss how she helps clients bridge the gap between ongoing national security concerns and the rapidly evolving