On June 19, 2025, the French Data Protection Authority (“CNIL”) published two recommendations for AI developers. The first recommendation covers reliance on the GDPR’s legitimate interest legal basis for developing an AI model. It provides examples of legitimate interests that can justify the use of personal data for AI development. The second recommendation discusses measures
Covington & Burling LLP
From our offices in Beijing, Brussels, Dubai, Frankfurt, Johannesburg, London, Los Angeles, New York, Palo Alto, San Francisco, Seoul, Shanghai, and Washington, we practice as one firm, holding closely to core values that start with a deep commitment to our clients and the quality of our work on their behalf, and that include an emphasis on teamwork among our lawyers and other professionals and a belief in the obligation of lawyers to make legal services available to all who need them.
Website:
https://www.cov.com/
Covington & Burling LLP Blogs
Blog Authors
Latest from Covington & Burling LLP
User Consent Provided Under Time Pressure Is Still Consent Barring CIPA Suit
By Divya Bhat & Matthew Verdin
User consent bars website wiretapping claims brought under the California Invasion of Privacy Act (“CIPA”). As we reported on here, one way users may consent to the use of third-party website technologies is during a checkout process, such as via a checkbox indicating agreement to a website’s privacy policy. But is consent negated if…
EU Designates 13 Non-EU Critical Raw Materials Projects as Strategic
On 4 June 2025, the European Commission published a decision recognising 13 critical raw material projects located in non-EU countries as “Strategic Projects” under the Critical Raw Materials Act (“CRMA”, Regulation (EU) 2024/1252). This first set of Strategic Projects based outside the EU adds to the 47 Strategic Projects based within the EU announced…
Collection of Website Visit Time Stamp Not Enough to Confer Article III Standing
Capture of personal or private information is a prerequisite to Article III standing in wiretapping cases brought under the California Invasion of Privacy Act (“CIPA”). As we reported on here, when a plaintiff fails to plead the capture of any such information, courts have dismissed the plaintiff’s complaint for lack of standing. A Utah…
Fifth Circuit Reaffirms that Courts Must Provide Class-Wide Notice of Attorney Fee Motions
By Sarah Leadem & Sonya Winner
On June 10, 2025, the U.S. Court of Appeals for the Fifth Circuit ruled that courts must provide class-wide notice of an attorney fee motion under Federal Rule of Civil Procedure 23(h). Morrow v. Jones, No. 23-40546, 2025 WL 1634785 (5th Cir. June 10, 2025).…
Sixth Circuit Affirms Class Certification Despite Potential Presence of Class Members Who Did Not Suffer Economic Injury
By Stephen Rees & Sonya Winner
Whether the presence of uninjured class members can defeat class certification is a hot-button topic in class action litigation. Just four days after the Supreme Court dismissed the appeal in Laboratory Corporation of America Holdings v. Davis regarding whether class certification is permissible under Rule 23(b)(3) when some members of the putative class are uninjured…
Georgia Court Dismisses Defamation Suit Against AI Developer OpenAI
Last month, a Georgia state court granted OpenAI’s motion for summary judgment, dismissing a defamation suit brought by a nationally syndicated radio show host.
In the suit, Mark Walters v. OpenAI LLC, 23-A-04860-2 (Sup. Ct. Gwinnett Cty, GA), the plaintiff alleged that that the ChatGPT tool, developed by OpenAI, defamed him when it presented false…
For Peet’s Sake! Court Calls Out Class Action Plaintiffs’ Bar’s Failure to Properly Vet Named Plaintiffs in CIPA Suit
Last month, a California federal court highlighted one of the “serious problems that the class action plaintiffs’ bar desperately needs to rectify”: “the failure to properly vet named plaintiffs.” Lineberry v. Addshoppers, Inc., 23-cv-01996-VC, 2025 WL 1533136 (N.D. Cal. May 29, 2025).…
Multiple States Enact Genetic Privacy Legislation in a Busy Start to 2025
Since the beginning of 2025, there have been a flurry of bills introduced at the state and federal level related to genetic privacy, which follows a similar trend over the past several years. These bills have focused on a range of issues, including general genetic privacy, national security implications of “foreign adversaries” accessing genetic information,…
European Commission issues first no-poach decision in labour markets, warning against the collusive risks of minority shareholdings
On 2 June 2025, the European Commission (“Commission”) fined the food delivery companies Delivery Hero and Glovo EUR 329 million for engaging into cartel conduct through agreeing not to poach each other’s employees, exchanging competitively sensitive information, and allocating geographic markets.
The decision signals increased antitrust scrutiny of labour-related arrangements between rivals and underscores the…