Insights

On March 2, 2023, the Biden Administration released the 35-page National Cybersecurity Strategy (the “Strategy”) with a goal “to secure the full benefits of a safe and secure digital ecosystem for all Americans.”

On February 17, 2023, the Illinois Supreme Court ruled 4-3 that violations of the Biometric Information Privacy Act (“BIPA”) (the country’s first biometric privacy legislation) accrue for each incident of capture or dissemination of biometric information, and not only once for each data subject. Cothron v. White Castle Systems found based on the plain language of the statute that violations for collecting or disclosing biometric information occur at every scan or transaction. Cothron v. White Castle Sys., 2023 IL 128004. The court reached this conclusion while admitting the “absurd” implications, including that the ruling could result in damages of $17 billion. Id. at ¶ 40.

Earlier this month, two courts, one in California and one in Massachusetts under two different scenarios, opined on the enforceability of browsewrap and hybridwrap agreements, providing important warnings for companies relying on such agreements to obtain legally required consent for activities such as telemarketing or to otherwise impose terms and conditions on website users. Many cases turn on the enforceability of such agreements, and companies should evaluate their use of browsewrap agreements (e.g., terms of use available through a hyperlink at the bottom of a webpage) and hybridwrap agreements to determine whether changes are appropriate to improve enforceability and mitigate legal risk.

It’s been said that “A lie gets halfway around the world before the truth can even pull its boots on.” In today’s world of online commentary and social media, this is truer than ever.