Eric Goldman’s Comments to the California DOJ Draft Regulations for the Consumer Privacy Act (CCPA) (Part 3 of 3)
[Introduction: initially, I aspired to write a blog post summarizing and analyzing the DOJ’s proposed CCPA regulations. After seeing the draft, I quickly abandoned that idea. The regulations are 10,000 words of dense, layered, heavily cross-referenced administrative-speak. There is ambiguity…
Maryland Disclosure Requirements for Online Political Ads Violates the First Amendment–Washington Post v. McManus
In 2018, Maryland passed the “Online Electioneering Transparency and Accountability Act”. The act broadened the reach of Maryland’s political advertising rules to cover online advertisements and “online platforms”. It required publishers to publish somewhere on their sites the following information…
Some Lessons Learned from the California Consumer Privacy Act (CCPA), 18 Months In (Part 2 of 3)
[Introduction: this is part 2 of a 3-part series on the California Consumer Privacy Act, spurred by my comments on the DOJ’s draft regulations (which I’ll post tomorrow). Part 1 of the series addressed how we got here. Today’s part…
Resetting the California Consumer Privacy Act (CCPA)…with 2 Weeks To Go! (Part 1 of 3)
[Introduction: I recently submitted comments on the California DOJ’s draft CCPA regulations. As part of preparing my comments, I took some time to reflect on the CCPA more generally, 18 months since passage and weeks away from launch. That led…
Strike 3’s Copyright Litigation Campaign Completely Strikes Out
Another judge denies an unmasking subpoena to Strike 3, even though the judge has previously issued subpoenas to Strike 3, and even though it may mean that Strike 3’s infringement case will fail and Strike 3 will be left without…
Amazon Can’t Force Arbitration of Minors’ Privacy Claims Based on Alexa Recordings–BF v. Amazon
This lawsuit alleges that Alexa improperly stores the voiceprints of minor users. The trial court declines to order arbitration. (It’s the recommendation of a magistrate, so it will go to the district judge for adoption or modification of the order.)…
Section 230 Helps Tumblr Defeat Nonconsensual Pornography Suit–Poole v. Tumblr
This ruling came out in March, but it just showed up in my Westlaw alerts. I don’t know why it was delayed over 6 months. The opinion is topical and clear, so I thought it’s still worth blogging now. This…
More Teenagers Mistakenly Think “Private” Chat Conversations Will Remain Private–People v. JP
This is a story of four teenage girls and one teenage boy. The girls use the aliases “7Up” (a/k/a JP, the defendant in this case), “Lady Gaga,” “Dream Ruiner,” and “Me.” The boy, called S, allegedly engaged in anti-social behavior…
Ninth Circuit Declines to Shelve Lawsuit Alleging Facebook Violated Illinois Biometric Privacy Statute
Illinois enacted a biometric privacy statute which restricted the collection of biometric identifiers. Plaintiffs, Illinois residents and Facebook users, alleged that Facebook violated this statute by collecting, storing, and processing their face-scans without their consent and without establishing the requisite…
Terrible Ninth Circuit 230(c)(2) Ruling Will Make the Internet More Dangerous–Enigma v. Malwarebytes
The Ninth Circuit has issued a Section 230(c)(2) opinion that creates significant problems for anti-spyware/spam/virus vendors (I’ll call them “anti-threat vendors”). The ruling will paralyze their decision-making, expose them to greater legal threats, and reduce their ability to protect consumers…