Posts

Showing posts with the label cookies

Healthline to Pay $1.55M for Alleged CCPA Violations: Key Lessons for Businesses from Largest Settlement Yet

Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The California Attorney General alleged that the company’s health information website, Healthline.com , failed to allow consumers to opt out of targeted advertising and shared data – including information about potential medical conditions – with third parties without proper privacy protections. The settlement, which still needs to be approved by the court, also contains a unique provision: it prohibits Healthline from sharing information with third parties about article titles consumers view that may reveal a medical diagnosis . Here's a breakdown of the allegations and settlement terms, as well as a six-step compliance plan for businesses that operate in California or collect data from California residents. Background and Allegations Healthlin...

California Proposal to Curb Website Cookie Litigation Stalls for This Year: What 3 Things Should Your Business Do?

A California bill aimed at curbing the explosion of lawsuits filed against businesses using common website tools like cookies, pixels, and session replay software has stalled out in the 2025 legislative session, meaning your business will remain vulnerable to the newest type of privacy litigation for at least the next year . Despite the Senate unanimously approving SB 690 just a month ago, the bill’s author announced on July 2 that it would be made into a “two-year bill” – meaning it will not advance further this year but may be taken up again in 2026. What does your business need to do to put yourself in the best position to defend against these California Invasion of Privacy Act (CIPA) wiretapping claims? CIPA’s Emergence as a Class Action Weapon CIPA was originally enacted in 1967 to combat traditional wiretapping and eavesdropping, primarily in the context of telephone communications. It was never designed to address the complexities of the digital age or regulate how businesses t...