Privacy Law

Subscribe to Privacy Law

In a recent public comment addressed to the United States Copyright Office, the Federal Trade Commission seemingly expanded upon remarks made at the National Advertising Division back in September that it will aggressively and proactively challenge alleged unfair practices involving artificial intelligence, even if that means stretching the meaning of “unfair” to increase its jurisdiction over such matters.

While speaking at the annual conference of the National Advertising Division on September 19, 2023, the Federal Trade Commission (“FTC”) announced a generative AI (“AI”) policy that is consistent with Chairwoman Khan’s focus on the perceived harms to consumers from large technology companies, fully embracing a plan to regulate AI swiftly, aggressively, and proactively. 

The agency began its remarks on AI by observing that its purported policy decision to allow technology companies to self-regulate during the “Web 2.0” era was a mistake. Self-regulation, according to the FTC, was a failure that ultimately resulted in the collection of too much power and too much data by a handful of large technology companies. 

Class action lawsuits accusing companies of violating the Illinois Biometric Information Privacy Act (“BIPA”) have more than doubled following a February 2023 ruling by the Illinois Supreme Court, which found, based on a plain reading of the statute, a separate claim accrues each time a person’s biometric identifier is scanned in violation of the statute.  

Increasing oversight of tech companies, particularly in the realm of consumer privacy, has been a rare example of bipartisan agreement. Despite data privacy being a growing concern for consumers, however, there has been relatively little federal policymaking. To counteract this lack of action, some states have stepped in to fill this void—and have enacted policies that could have large impacts on how businesses operate. The rapid rate at which these laws are being enacted – eleven have been enacted– indicates states are taking an increasingly protective view of consumers’ data privacy. Businesses need to be prepared to comply with these new mandates, or risk costly enforcement measures.

Last month, TikTok sued Montana’s attorney general—alleging the state’s recent TikTok ban is unconstitutional and is preempted by federal law.

On May 17, Montana Governor Greg Gianforte signed a first-of-its-kind law banning TikTok from operating in the state, in order “[t]o protect Montanans’ personal, private, and sensitive data and information from intelligence gathering by the Chinese Communist Party.”

The Ninth Circuit recently issued an opinion that could shape how companies draft and revise two oft-encountered types of contracts: terms of service agreements (“TOS”) and arbitration clauses.

In Jackson v. Amazon.com, Inc., the Ninth Circuit affirmed the district court’s order denying Amazon.com, Inc.’s motion to compel arbitration in a case brought by a proposed class of “Amazon Flex” drivers. Amazon Flex is a delivery program run through a smartphone app that Amazon uses to engage individuals to make Amazon deliveries in their personal cars. 

Earlier this year, we reported on the potential breeding ground for litigation under Illinois’ Biometric Information Privacy Act (“BIPA”).  A recent decision from an Illinois state appellate panel on the different limitations periods that apply to BIPA provides guidance for companies faced with a BIPA lawsuit and the arguments they can make on a motion to dismiss.