2025 Update: Website Tracking Litigation and Enforcement

By Heidi Salow & Paloma Acosta on November 20, 2025

Litigation targeting website tracking technologies—such as cookies, pixels, session replay, and analytics tools—remains a major risk for businesses in 2025 and beyond. Courts continue to shape the boundaries of liability…

U.S. Privacy Litigation Update: September 2025 Decisions

By Former Attorney Dustin Taylor on October 21, 2025

In this post: (1) Courts find cookie banners and sign-in banners place users on notice of privacy policy; (2) but policy must explicitly notify users of practice to establish consent; …

California’s Latest Trio of Privacy Bills: What Businesses and Consumers Need to Know

By Heidi Salow, Shannon Kapadia & Shevani Mehta on October 13, 2025

California continues to set the pace for digital privacy reform, enacting three groundbreaking laws that will reshape how personal information is handled across the state. On October 8, 2025, Governor…

Massachusetts and California Legislative Activity: Data Privacy and AI Legislation

By Erik Dullea, Heidi Salow, Shannon Kapadia & Shevani Mehta on October 1, 2025

Key point: Recent legislative efforts in Massachusetts, seeking to add another comprehensive data privacy law to the national patchwork of state laws, and in California enacting a law to regulate …

Healthcare Website Tracking: Lessons from Four Recent ECPA Rulings

By Former Attorney Dustin Taylor on September 22, 2025

Four federal courts issued decisions in August involving claims that healthcare companies violated the Electronic Communications Privacy Act (ECPA) by deploying tracking technologies—such as the Meta Pixel and Google Analytics—on…

California Legislature Advances Sweeping AI Bill: Implications for Businesses and Developers of “Companion Chatbots”

By Heidi Salow & Shannon Kapadia on September 19, 2025

Key point: The California Legislature is considering a bill that would impose comprehensive requirements on the development, deployment, and use of artificial intelligence (AI) systems, with a focus on transparency, …

U.S. Privacy Litigation Update: August 2025 Decisions

By Former Attorney Dustin Taylor & Owen Davis on September 16, 2025

In this post: (1) The 9th Circuit tightens what “harm” a plaintiff must suffer to have standing; (2) the D.C. Circuit adds to growing circuit split on defining “consumers”; (3) Three …

The Defense Department’s Cybersecurity Requirements Go Live

By Erik Dullea & Luis Hidalgo on September 11, 2025

Key point: Beginning November 10, 2025, DoD contracting officers will begin adding Cybersecurity Maturity Model Certification (CMMC) requirements to solicitations, and contracting officers “shall not award a contract, task order, …

Communication technology with global internet network connected

EU Court Upholds Data Privacy Framework Despite Challenge: Implications for Transatlantic Data Transfers

By Heidi Salow & Erik Dullea on September 8, 2025

Key point: The European General Court has upheld the European Commission’s adequacy decision for the EU-U.S. Data Privacy Framework, confirming that the United States ensures an adequate level of protection …

Byte Back

Featured Posts

California’s Deletion Request and Opt-Out Platform (DROP) is Live

GSA Joins the CUI Compliance Movement: What Non-Defense Contractors Need to Know

The Genesis Mission: A New Executive Order Aims to Transform U.S. Innovation with AI

The Latest