As part of our commitment to keeping you informed of new regulatory developments and their potential implications, we have highlighted recent statements by federal officials concerning loyalty programs, such as those involving airline miles and credit card points. These comments signal a potential shift in how these programs are viewed under consumer protection laws, and

While French skincare company L’Occitane (the “Company”) successfully thwarted a mass arbitration effort by plaintiffs’ firm Zimmerman Reed and approximately 3,000 customers (the “Claimants”), the Southern District of California Court presiding over the matter indicated that the Company’s case against them was on the verge of dismissal. L’Occitane v. Zimmerman Reed, et al., No. 2:24-cv-01103

  • Over a hundred cases are pending from the wave of privacy class actions that commenced last year alleging violations of state wiretap statutes based on use of website session replay, chatbot and pixel technologies.
  • Plaintiffs’ firms are continuing to file new cases based on chatbot and pixel tech despite an increasing number of dismissals while

On June 27, 2023, the Office of Inspector General (“OIG”) for the U.S. Department of Health and Human Services (“HHS”) released its final rule (“Final Rule”) implementing penalties for information blocking.

The Final Rule codifies the prohibition on “information blocking” introduced by the 21st Century Cures Act (“Act”), which was enacted on December 13, 2016.

On July 20, 2023, the Federal Trade Commission (“FTC”) and the Office for Civil Rights of the United States Department of Health and Human Services (“OCR”) announced that they had sent a warning letter to about 130 hospital systems and telehealth providers, alerting them about the risks and concerns of using online tracking technologies, such

The Health Information Portability and Accountability Act (“HIPAA”) has long been described as the floor for health care privacy laws and that states and regulators are free to enact more restrictive health care privacy laws. Last week, Washington state became the first state in the nation to codify into law broad protections for consumer health

On March 15, 2023, the U.S. Securities and Exchange Commission (“SEC”) released its proposal to amend Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information (the “Proposed Amendments”), while simultaneously issuing two additional cybersecurity-related rule proposals and re-opening the comment period for its previously proposed cybersecurity risk management rule released in February 2022.

As the National Security Agency (NSA) noted in its 2022 cybersecurity yearly review, “[c]yberspace is dangerous.”

Reports of sophisticated cyberattacks and ransomware threats were prevalent in the past year. The government, manufacturers, and others further developed standards for securing digital infrastructure like 5G, cloud services, cryptography, internet protocols, and internet of things (IoT) devices.