On Wednesday, September 15, 2021, DoorDash filed a lawsuit against New York City in the U.S. District Court, Southern District of New York, concerning a law that requires delivery companies to share customer data with restaurants. The law, set to take effect in December, requires companies like DoorDash to provide restaurants fulfilling orders with customer names, phone numbers, email addresses, and delivery addresses. Customers may opt out of sharing this data.
The recently implemented California Consumer Privacy Act (CCPA) and the recently passed Virginia Consumer Data Protection Act have policymakers and regulators gearing up for more state legislation and potential federal input.
On November 19, 2020, U.S. Customs and Border Protection (CBP) proposed an expansion of facial recognition at the border to include photographs of every non-citizen coming in or out of the United States, regardless of their means of travel, entry and exit points, or even age.
On Wednesday, October 7, 2020, the First District Court of Appeal in California ruled that California law prevents anyone from recording either side of a phone conversation without both parties' consent. San Francisco attorney Eric Gruber previously filed suit against Yelp, Inc., alleging violations of the California Invasion of Privacy Act ("CIPA") (Pen. Code, § 630 et seq.) for recording conversations between himself and Yelp sales representatives without his notice or consent. The trial court ruled in Yelp's favor on a motion for summary judgment, finding no triable issues as to whether Yelp violated CIPA. The First District Court of Appeal reversed and remanded the trial court's decision.
On Friday, September 25, 2020, U.S. District Court Judge Nancy D. Freudenthal granted Google's motion to dismiss in a privacy lawsuit concerning Google's G Suite for Education. The court dismissed state law claims on the basis of declining to exercise jurisdiction, but granted Google's motion to dismiss as to the Children's Online Privacy Protection Act claim brought by the State of New Mexico.
Deloitte Consulting LLP has been sued by a group of Ohio residents in two proposed class actions after their personal information was compromised on state websites the company built to administer coronavirus-related unemployment benefits. Officials in Ohio, Colorado, and Illinois announced that applicant information including home addresses and social security numbers had been exposed to the public on these sites. The lawsuits have been filed in federal court in New York, as well as state court in Ohio.