Connecticut has enacted a sweeping new data broker law (SB 4, as amended by HB 5222), making it one of a growing number of states to regulate the collection, sale, and licensing of third‑party personal data. Effective October 1, 2026, the law requires data brokers to register with the state…
Continue Reading Connecticut’s New Data Broker Law (SB 4): What Businesses Need to KnowColorado’s PTFA Litigation Wave: Liability for Listing Cell Phone Numbers Without Consent and Why It Puts Data Brokers at Risk
If you list cellphone numbers in a directory for a commercial purpose without consent, you…
Continue Reading Colorado’s PTFA Litigation Wave: Liability for Listing Cell Phone Numbers Without Consent and Why It Puts Data Brokers at RiskNew York Set to Ban Key AI Companion Chatbot Features for Minors in First‑of‑Its‑Kind Law
New York just is set to become the first state in the US to outright…
Continue Reading New York Set to Ban Key AI Companion Chatbot Features for Minors in First‑of‑Its‑Kind LawLast week, Governor Phil Scott signed Act 138, amending Vermont’s data broker law. The…
Continue Reading Vermont Amends Its Data Broker Law: What Do You Need to Know?Subscribe to Privacy Compliance & Data Security
The Latest
CIPA Personal Jurisdiction: Nationwide Call Recording and Analytics Deployment Fails “Express Aiming” Test in Central District of California
A nationwide call recording and analytics service, uniformly deployed nationwide, that merely operates in California is not sufficient, standing alone, to establish specific personal jurisdiction under the California Invasion of…
Continue Reading CIPA Personal Jurisdiction: Nationwide Call Recording and Analytics Deployment Fails “Express Aiming” Test in Central District of CaliforniaData Minimization Under Scrutiny: Hungarian DPA Decision Signals Risk for U.S. Employers
A recent decision by Hungary’s Data Protection Authority (NAIH) offers a deceptively modest outcome, a €5,000 fine, but sends a much stronger signal on the evolving expectations around data minimization…
Continue Reading Data Minimization Under Scrutiny: Hungarian DPA Decision Signals Risk for U.S. EmployersGDPR Processing Begins at the Data Request: What a Spanish Supreme Court Decision Signals for U.S. Privacy Compliance
Data processing begins even before the data is received. A recent ruling of the Supreme Court of Spain clarifies the scope of GDPR obligations and the implications extend to the…
Continue Reading GDPR Processing Begins at the Data Request: What a Spanish Supreme Court Decision Signals for U.S. Privacy ComplianceWhen AI Meets the FCRA: What the Eightfold Class Action Means for Employers and HR Technology Providers
An estimated 87% of companies now using AI-driven tools in their recruitment processes, and that figure has nearly doubled in just two years. AI-powered platforms can ingest millions of candidate…
Continue Reading When AI Meets the FCRA: What the Eightfold Class Action Means for Employers and HR Technology ProvidersAmong US states, California is the only one that treats employees as full “consumers,” providing them the right to an employee notice and an applicant notice and employee rights. While…
Continue Reading Employee Privacy Rights Under CCPA: CalPrivacy Calls for CommentsYour Website’s Pixels May Be Wiretaps: 10 Questions Every Business Should Ask About CIPA
The plaintiffs’ bar has been ramping up lawsuits under the California Invasion of Privacy Act (CIPA) and federal and state wiretapping statutes for years, and the wave is not receding.
Continue Reading Your Website’s Pixels May Be Wiretaps: 10 Questions Every Business Should Ask About CIPAThe plaintiffs’ bar has been ramping up lawsuits for alleged violations of state and federal wiretapping laws (e.g., California CIPA, Florida SCA, Federal ECPA) for many months now. Historically, the…
Continue Reading Your Cookie Banner Might Be Working Against You: Two Compliance Traps to AvoidFor Whom the Discovery Tolls: Your Privacy Notice May Help Time-Bar Website Wiretapping Claims
In a recent decision out of the Northern District of California, the court held that a website operator’s privacy policy, even one presented in a passive, browse wrap-style hyperlink, can…
Continue Reading For Whom the Discovery Tolls: Your Privacy Notice May Help Time-Bar Website Wiretapping ClaimsPlatform liability after Russmedia: Italian DPA Fines Platform for Allowing Phone Number in Sex Work Ads Without Consent
By Odia Kagan
How far does a platform’s responsibility extend when a user posts someone else’s personal data in a classified ad, especially one involving sensitive subject matter like sex…
Continue Reading Platform liability after Russmedia: Italian DPA Fines Platform for Allowing Phone Number in Sex Work Ads Without ConsentAbout this Blog
There is a complex web of federal and state statutes and regulations that govern the gathering, use, and retention of private information. Yet many companies and institutions often have only a vague understanding of their rights, obligations, and potential liability. Fox Rothschild attorneys have the necessary experience to address investigations, claims, and lawsuits alleging violations in the privacy arena.