Data Protection

In the Facebook Illinois BIPA class action, eligible claimants received average payouts of about $18,000 per person from a $650 million settlement. The case alleged Facebook collected and used facial recognition biometric data without proper notice and consent under Illinois’ Biometric Information Privacy Act. This article explains how BIPA works, who qualified, and what similar […]

Advertising cookies aren’t outright illegal in any U.S. state, but at least 19 states now restrict their use through consumer privacy laws requiring notice and opt-out (and sometimes opt-in for sensitive data). Compliance depends on whether cookies enable “targeted advertising” or “sale/sharing” of personal data and on your data practices. This article explains the rules […]

Small claims lawsuits can yield up to $5,000 per case for certain privacy violations, depending on your state’s limits and the statute involved. Because small claims is streamlined and often doesn’t require an attorney, it’s becoming a practical way for individuals to pursue accountability over unlawful data collection, recording, or disclosure. This article explains who […]

Data breach liability is the legal responsibility a business has when personal data is exposed, often triggering mandatory notice obligations—many U.S. states require notification within 30–60 days, and the GDPR generally requires reporting within 72 hours. Liability can arise from inadequate security, delayed reporting, or failure to comply with privacy laws and contracts. This article […]