CYBER RISK CLIENT ALERT: The Constitutional Argument Against BIPA

by

There has been no shortage of litigation since the passage of the Illinois Biometric Information Policy Act, commonly known as BIPA, especially since the Illinois Supreme Court’s recent decision in Rosenbach v Six Flags Entm’t Corp., 2019 WL 323902 (Ill 2019) that an individual does not need to allege actual damages to have standing.  We have already circulated two articles discussing the [Southwest] and [Hotel Management] lawsuits.  In response, defendants have been swift and creative in their defense.  Most recently, a major grocery chain argued before an Illinois state court judge the unconstitutionality of BIPA.  More »

CYBER RISK CLIENT ALERT: The SHIELD Act Requires Corporations to Implement Cyber-Security Measures

by

Introduction

New York will soon take another step forward towards protecting residents’ confidential data. As of March 21, 2020, any company that owns or licenses computer data that contains the private information of a New York resident must implement and maintain reasonable measures to protect that information.  This new legislation impacts any business that obtains or preserves New York residents’ confidential information regardless of where that business is located.  New York’s expanding protection serves as yet another reminder of the importance of corporate cyber-resilience.

In 2005, New York enacted the “Information Security Breach and Notification Act.”[1] (“Notification Act”).  As with other states throughout the country, the New York State legislature recognized the significant adverse impact of data security breaches as well as identity theft, and further recognized that New York residents were “hindered by a lack of information regarding breaches. . . .”  Accordingly, the state legislature enacted the Notification Act to ensure that New York residents are properly informed in the event of a data breach, as such information would empower residents to implement measures designed to repair damage and, if possible, prevent future damage from a data breach. More »

New Michigan DIFS Order Raises More Questions for Auto Insurers

by

On September 20, 2019, the Director of the Department of Insurance and Financial Services of Michigan (“the Department”) issued order number 19-048-M, which has a direct impact on the ability of automobile insurers to implement the recent Michigan No-Fault Reform Act.  Per the Act, most provisions were effective June 11, 2019, with a limited number not taking effect until July 2020.  As would typically be the case, on June 11, 2019, insurers began implementing the new provisions of the No-Fault Act. More »

Proposed Hours of Service Rules: Balancing Safety and Economy

by

The Federal Motor Carrier Safety Administration, citing Congressional and public requests for review of the hours of service regulations, has recently proposed the following changes: More »

Ninth Circuit Holds BIPA Class-Action Plaintiffs Have Article III Standing

by

Recently, the Ninth Circuit Court of Appeals issued an opinion in the case of Patel v. Facebook, Inc., 2019 WL 3727424 (9th Circ. 2019), allowing a class-action lawsuit filed in the Northern District of California to proceed.  The Court held that the plaintiffs have Article III standing to bring the suit because Facebook’s alleged violations of Illinois’s Biometric Information Privacy Act (“BIPA”) constitute a sufficiently concrete injury-in-fact.  The Court also upheld the district court’s grant of the plaintiffs’ motion for class certification, finding that the Federal Rules of Civil Procedure’s predominance and superiority requirements were met.  Patel represents a continued expansion of the law in favor of plaintiffs bringing suits under BIPA. More »

PROFESSIONAL LIABILITY CLIENT ALERT: Attorney Liability Under the FDCPA

by

The Fair Debt Collection Practices Act (“FDCPA”) was enacted to protect consumers from abusive and deceptive practices by debt collectors, and to protect non-abusive debt collectors from competitive disadvantage. United States v. Nat'l Fin. Servs., Inc., 98 F.3d 131, 135 (4th Cir. 1996). It is “a strict liability statute that prohibits false or deceptive representations in collecting a debt, as well as certain abusive debt collection practices.” McLean v. Ray, 488 Fed. Appx. 677, 682 (4th Cir. 2012). In addition to its prohibitions, the FDCPA delineates a number of required disclosures and procedures that must be followed when communicating with debtors. Attorneys and law firms who regularly engage in debt collection activities are subject to the requirements of the FDCPA. More »

Five Words & Phrases Defense Attorneys Should be Mindful of in Trucking Litigation

by

Many Americans can name one, two or even more Plaintiff personal injury attorneys in their area. This is no doubt due to the relentless onslaught of billboards, radio, and television ads seducing clients hurt by big bad trucking companies to contact them with promises of a big pay day down the road. Commercial motor vehicle traffic accidents are likewise seen as a payday for Plaintiff attorneys as well. This is because commercial motor vehicle traffic accidents are some of the most difficult cases to defend. When a Plaintiff’s attorney goes to trial against a trucking company, he is not just putting the trucking company named in the complaint on trial, he is putting the whole trucking industry on trial, and it is easy for them to do so due to the misused, misconstrued, and ambiguous language oftentimes associated with the trucking industry. This imprecise usage of language puts attorneys who defend trucking litigation at a clear disadvantage. To achieve equal footing, attorneys who defend commercial trucking clients should identify certain words and phrases that retort a Plaintiff’s theme that improperly places the entire transportation industry on trial. More »

CYBER RISK CLIENT ALERT: BIPA Cutbacks Stalled in Springfield - For Now.

by

In response to the Illinois Supreme Court’s ruling in Rosenbach v. Six Flags Entertainment Corp., 2019 IL 123186 (actual harm is not required for standing under the Illinois Biometric Information Privacy Act), the Illinois legislature is now considering amending the statute, in part, by removing its private right of action.  

Illinois was the leader in enacting privacy protections for biometric data. Illinois is still one of only a few states to have such protections in place (along with Texas and Washington).  Arizona, Florida, and Massachusetts have proposed regulations to protect biometric identification, and California will have its biometric protections take effect on January 1, 2020.  More »

PROFESSIONAL LIABILITY CLIENT ALERT: The Development of Michigan's Attorney Judgment Rule

The Michigan Court of Appeals, in a recent unpublished decision, Ali, et. al. v. Trivax, et. al., unpub op, Docket No. 343140 (March 21, 2019), clarified the scope of Michigan’s “Attorney Judgment Rule,” which can bar a client from suing his/her attorney in a legal malpractice lawsuit.  The Ali Court held that the Attorney Judgment Rule did not protect an attorney-defendant’s error in judgment when that tactical decision was not “well founded in law” adding that the question of whether the attorney-defendant qualifies for protection under the Attorney Judgment Rule is a question of fact for the jury and not the trial court (which significantly complicates relying on the Attorney Judgment Rule as a basis for summary disposition).  Ali, unpub op, at 6.   More »

Another BIPA Violation Alleged in Illinois

by

As a follow-up to our blog post discussing the status of the Southwest litigation currently underway in the Seventh Circuit, another complaint alleging a violation of the Biometric Information Privacy Act (“BIPA”) was filed by a hotel employee in Cook County, Illinois. Donal Lydon v. Fillmore Hospitality, et al., Case No. 2019-CH-05679 (Circuit Court of Cook County, Illinois). Like the allegations against Southwest Airlines, the plaintiff in Lydon, alleges Fillmore Hospitality LLC, which manages hotels in several states, including Illinois, violated BIPA by collecting and then sharing its employees’ fingerprints for timekeeping purposes. The plaintiff filed his action as a class action, seeking to represent any individual in Illinois who has scanned their fingerprints for Fillmore’s biometric time clock. More »

Get Updates By Email

Blog Contributors