The prospects for and the effect of a comprehensive federal data privacy act remain uncertain. There are no indications that any comprehensive federal data privacy act will be considered by Congress this year, and questions and debates remain around whether federal privacy law will preempt state legislation or whether it will function as a minimum
Jacob Goldberg
Jacob Goldberg is an associate attorney in Stoel Rives’ Litigation group. His practice focuses on commercial litigation and appeals, and he has worked on a range of matters including contract disputes, trade secret misappropriation, class action litigation, internal business disputes, and data breach litigation.
Before joining Stoel Rives, Jacob practiced at smaller firms in Portland, Oregon, and Los Angeles, California, where he represented plaintiffs and defendants in state and federal courts, in arbitration, and on appeal. He has also served as a law clerk for the Honorable Susan P. Graber of the U.S. Court of Appeals for the Ninth Circuit (2015–2016). Click here for Jacob Goldberg's full bio.
Children’s Online Privacy Regulations Develop, Amidst Challenges
“More needs to be done to create a safe online space for children to learn, explore, and play.”
This was the unanimous finding of the California legislature in 2022, and, since that time, other stakeholders have agreed. Voters, parents, the President, and legislators have all suggested that something will, and needs…
Class Action Suits Targeting Biometric Information Continue to Seek Large Payouts
To say that class action litigation regarding the use or collection of “biometric information” – such as fingerprints, face records, or voice records – is expensive would be a gross understatement. The damages sought, and sometimes recovered, in litigation under the Illinois Biometric Information Privacy Act and similar laws that impose statutory penalties can be…
Illinois Court of Appeals: Statute of Limitations for Most Biometric Privacy Claims Remains at Five Years
In Illinois, the Biometric Information Privacy Act (“BIPA”) regulates the collection and use of “biometric information” such as fingerprints, facial images, and voice records. It imposes significant penalties and has generated a cottage industry of class action litigation—hundreds of cases have been filed and millions of dollars in liability have been assessed. It is also the most well known and heavily litigated of a slew of newly enacted, or soon to be passed, state and local laws aimed to regulate biometric information.
Many Illinois defendants had hoped that their liability under BIPA could be limited because, they argued, a one-year statute of limitations should apply to BIPA claims. But, in a recently issued decision, Tims v. Black Horse Carriers, Inc., 2021 IL App (1st) 200563, the Illinois Court of Appeals rejected this position for a majority of BIPA claims. It held that a five-year statute of limitations applies to the most frequently cited sections of the statute.
Continue Reading Illinois Court of Appeals: Statute of Limitations for Most Biometric Privacy Claims Remains at Five Years
Portland’s New Facial Recognition Ban Increases Litigation Risk, Creates Uncertainty
Is your business using or thinking of using facial recognition technology for activities in Portland, Oregon? Think again.
That’s the message to businesses operating in Portland in a new ordinance that broadly bans the use of facial recognition technology in the city, subject to certain exceptions. The ordinance, which took effect January 1, 2021, restricts private businesses from using automated or semi-automated processes to identify an individual by comparing an image of a person captured through a camera with images of multiple individuals in a database. Due to the expansive language contained in the final version of the ordinance, routine business practices used to support or improve operations are no longer permitted. For example, retailers may have previously used software that compares surveillance video images of individuals as they enter a store with a cloud-based photo database to identify suspected shoplifters. The ordinance now prohibits use of this software.
The law also has teeth. It creates a private right of action, statutory damages of $1,000 per day for each violation, and allows for recovery of attorneys’ fees. Similar to other biometric privacy laws, this ordinance has the potential to trigger a wave of costly class action litigation and upend business operations. This ordinance creates significant risk with use of facial recognition technology, and organizations should proceed with this awareness. The law also raises numerous unanswered questions, as noted below.
Continue Reading Portland’s New Facial Recognition Ban Increases Litigation Risk, Creates Uncertainty