Showing posts with label California. Show all posts
Showing posts with label California. Show all posts

Monday, September 14, 2020

Boston Bar webinar will probe privacy law latest

Coming soon, the Boston Bar Association will host a webinar on data privacy class action litigation (and related privacy stuff too).  I'm trying to get up to speed on all of the latest developments so that I will not disappoint moderator Melanie A. Conroy, attorney and CIPP/US, of Pierce Atwood LLP, who graciously if foolhardily invited me to participate.  For The National Law Review in April, Conroy wrote the authoritative rundown on the Mount Ida student class action, which treatment inspired me to write about the case for The Savory Tort.

My task is daunting; a lot happened while I was in Africa early in the year and out of the office over the summer.  Our subject matter includes the new regulations under the California Consumer Privacy Act, burgeoning lawsuits under the Illinois Biometric Information Privacy Act, and the shock waves just now hitting the United States from the "Schrems II" decision in the European Court of Justice.  (Brush-with-greatness note: Max Schrems has been in my car.  Long story.)  That's just to get the ball rolling.

Co-panelists are Matthew M.K. Stein, of Manatt, Phelps & Phillips, LLP, and Marjan Hajibandeh, of CarGurus, Inc.  Here are the program details from the BBA:

BBA Webinar: Roundtable on Recent Developments in Data Privacy Class Action Litigation
Thursday, September 24, 2020, 10:00 to 11:00 a.m.
This webinar will explore the growing prevalence of data privacy class actions through recent developments in data privacy legislation, expanded private rights of action, biometric privacy claims, consumer data suits, post-breach and cybersecurity litigation, and the increasingly complex landscape of rulings by federal courts of appeals. The presenters will discuss national trends and developments within the First Circuit and in Massachusetts. The discussion will look ahead to areas to watch and trends that may shape the development of data privacy class actions in the coming months and years.

The program is free for BBA members and $100 for non-members. Registration at least two hours before the program-start is essential to receive the Zoom link.

Saturday, May 23, 2020

Anti-SLAPP slaps justice, but Richard Simmons survives dismissal in privacy suit over tracking device

Sensational Simmons in 2011
(Angela George CC BY-SA 3.0)

In telephone consultation with an attorney-colleague just the other day, I had occasion to climb onto my soapbox and preach my anti-anti-SLAPP gospel.  I'm not sure when he hung up, but I kept preaching, because it's about the message, not the audience.

And then as if to say to me, "you go, girl," Richard Simmons popped up in my newsfeed.  More on that in a minute.

'Anti-SLAPP'

Anti-SLAPP is a mostly statutory court procedure meant to diffuse "strategic lawsuits against public participation," that is, essentially, to dispose quickly of lawsuits that are meant principally to harass a defendant who is participating in public life in a way protected by the First Amendment, namely, speaking or petitioning.

The prototype case is a land developer who sues environmental protestors for a tort such as interference with contract.  An anti-SLAPP statute allows the protestor-defendant to obtain a quick dismissal, because the plaintiff knows the protestor is not a business competitor, and the plaintiff's true aim is harassment via tort litigation.  Anti-SLAPP may be useful if, say, and I'm just spitballing here, you're a sexual assault complainant suing a politician with a habit of counterclaiming for defamation.  But the far more common use of anti-SLAPP motions is when a mass-media defendant is sued for, well, anything.

The communications bar loves anti-SLAPP.  And what's not to love?  What anti-SLAPP statutes demand varies widely across the states.  A defendant's anti-SLAPP motion might require only that the plaintiff re-submit the complaint under oath, or more aggressive statutes demand that the court hold a prompt hearing and dismiss the complaint if the plaintiff cannot show probability of success on the merits, a stringent pretrial standard reserved usually for preliminary injunctions.  Whatever the statute requires, the universal takeaway is that the blocking motion is good for the defense, providing another way to slow down litigation and require more money, time, and exertion by the plaintiff—who, let's not forget, usually is a victim of injury, even if the injury has not yet been adjudicated to be the fault of the defendant.

My problems with anti-SLAPP are legion, not the least of which is that the communications defense bar hardly needs a new defense at its disposal.  We already have the most overprotective-of-free-speech tort system in the world.   Without diving deep today, it will suffice to say that my opposition to anti-SLAPP fits neatly into my broader position that the famous civil rights-era innovation in First Amendment law embodied in New York Times v. Sullivan (U.S. 1964) should rather be described as an infamous and pivotal turn down a wrong and dangerous road, which is why courts around the world have widely rejected the case's central holding.  My position makes me about the most despised person at any communications defense bar conference, so I mostly skip the social events, after I've redeemed my free drink tickets.

Along Came Richard Simmons

When I talk about the abusive deployment of anti-SLAPP, I'm usually talking about the plaintiff's inability to prove Sullivan "actual malice," which, as a subjective standard, requires evidence of the defendant's state of mind.  In an especially wicked cruelty, a typical anti-SLAPP motion requires the plaintiff to show likelihood of success in proving defendant's actual-malicious state of mind before the plaintiff is allowed to use litigation discovery to collect evidence—all of which remains in the defendant's possession.

Bastion of the First Amendment
(2015 image by Mike Mozart CC BY 2.0)
So the rules of the game in First Amendment defamation are first rigged against the plaintiff, and then, when the plaintiff dares to complain anyway, we punish the audacity.  Rubbing salt into the wound, anti-SLAPP laws may also then require the plaintiff to pay the corporate media defendant's legal fees, a bankrupting prospect for the everyday-Joe plaintiff who might have been victimized by the careless reporting of a profits-churning transnational news company.

What I don't usually talk about is the kind of thing that apparently happened lately to Richard Simmons.  The once-and-future fitness guru—don't miss Dan Taberski's podcast Missing Richard Simmons (e1), which, however "morally suspect," might be my favorite podcast ever—alleged in a California invasion-of-privacy lawsuit that celebrity gossip rag In Touch Weekly hired someone to put a tracking device on Simmons's car.  As media, do, and maybe now you to start to see the problem, In Touch Weekly asked for dismissal under California's powerful anti-SLAPP statute, putting to the test Simmons's audacious challenge to the shining gold standard of American journalism.

Fortunately in this case, a trial judge, and this week a California court of appeal, held that news-gathering through trespass, or intrusion, is not what anti-SLAPP is made to protect.  Correspondingly, there is no First Amendment defense to the tort of invasion of privacy by intrusion.  So Simmons's case may resist anti-SLAPP dismissal.

Also fortunately, Richard Simmons has the financial resources and determination to fight a strong invasion-of-privacy case all the way through an appeal before even beginning pretrial discovery.  This isn't his first rodeo.  Richard Simmons is a survivor.

Someone needs to give Richard Simmons a law degree, and one day I won't feel so alone at the comm bar cocktail party.

The case is Simmons v. Bauer Media Group USA, LLC, No. B296220 (Cal. Ct. App. 2d App. Dist. 4 Div. May 21, 2020).  Parent-company Bauer Media Group, by the way, owned the gossip magazines that lost to Rebel Wilson in her landmark Australian defamation case.

Now move those buns.

Monday, September 23, 2019

EU frets over Privacy Shield adequacy, and NGO insists, emperor still naked

The Commission of the European Union is reviewing the U.S.-EU Privacy Shield framework for conformity with the General Data Protection Regulation (GDPR), and NGO AccessNow is again demanding an inadequacy finding.

A lot is at stake.  For the uninitiated, European regulators have a dramatically different take on the protection of personal information than the free-wheeling free marketeers of the United States.  I've written some about the problem here and elsewhere (e.g., here and here), arguing that the American people are not so far from European privacy norms, but it's our law that lags behind the democratic will.  For my money, the definitive macro analysis of why American and European approaches to privacy have differed is James Q. Whitman's.  Anyway, the GDPR does not allow the export from Europe of information to countries that do not comport with its privacy protections, and that creates a monumental problem for the trans-Atlantic flow of not only information, but commerce.

The problem is not new and existed under the GDPR's predecessor law, the 1995 Data Protection Directive (DPD).  A number of mechanisms were devised to work around the problem, and they were approved by European regulators under the umbrella of "the Safe Harbor agreement."  But it's widely understood, at least on the European side, that Safe Harbor was something of a sham: No one with a straight face could argue that U.S. law was comparable to the DPD.  Safe Harbor in practice comprised mostly industry standards, voluntarily adopted and barely enforced by U.S. regulators.  There's also an important piece of this problem in the vein of national security, government spying, and personal information; I'm not even getting into that.

Privacy Shield is stronger than Safe Harbor, but the GDPR is a lot stronger than the DPD.  There have been remarkable advancements in privacy law in some states, notably California, in the EU direction.  And quite a number of court challenges have followed, winding their way through the process, some derived from objections in the commercial sphere, some the civil rights sphere: you've probably heard of "the right to be forgotten."  But our patchwork state laboratories hardly sum reassurance to Europe.  So in the absence of a comprehensive peace offering at the federal level, the debate over the EU's adequacy determination regarding Privacy Shield pretty much boils down to whether or not we're going to admit that the emperor is naked.

AccessNow, a global NGO and sponsor of RightsCon, has consistently called for honesty about the emperor's sorry state.  A recent memo calls on the Commission to rule Privacy Shield inadequate, and AccessNow has invited republication of a new infographic in support of its position.  I hereby oblige. It's past time we get serious about protecting personal information in the United States and stop commercial exploitation of human identity upon industry's abusive invocations of civil rights such as the freedom of speech and freedom to contract.

[UPDATE, 23 Oct. 2019, at 13:53 U.S. EDT: Privacy Shield still good, per EC report issued today.]

Wednesday, January 31, 2018

Brief argues public interest in social science research, FOI, while managing privacy risk

Representing the National Association of Scholars, UCLA Professor Eugene Volokh, UALR Professor Robert Steinbuch, and I filed an amicus brief in a California appellate case in which we argue the public interest in social science research, especially freedom of information in the area of legal education and admission to the bar, while managing risks to personal privacy.  Below is the introduction.  A longer excerpt appears here on TaxProf Blog, along with a link to the full brief in PDF.  My thanks to two formidable writing partners and a dedicated client.

Introduction
The public good often depends on social science research that employs personal data. Volumes of scientific breakthroughs based on data accumulated through access to public information demonstrate the importance and feasibility of enabling research in the public interest while still respecting data privacy. For decades, reliable and routine technical methods have ensured protection for personal privacy by de-identifying personal data.
Social science research into legal education and admission to the bar is presently a matter of urgent public interest and importance, requiring solid empirical analysis of anonymized personal data that government authorities possess. Social science research of the very kind proposed by Appellants Sander and The First Amendment Coalition represents standard, indeed commonplace, research practice furthering the public interest, while employing established methodologies that minimize the risk to privacy.