Earlier this year when I questioned whether or not privacy-related issues might represent an important emerging area of corporate liability, I was thinking we might see privacy claims emerge over time. I was thinking a longer time frame, over the course of years. What has happened is that the privacy-related claims are materializing now. As I previously noted, in July investors filed a securities suit against Facebook following the company’s quarterly earnings release that disappointed investors in part because company’s growth rate was affected by allegedly unanticipated expenses and difficulties in complying with the EU’s update privacy requirements in the General Data Protection Regulation (GDPR), which went into effect in May.

Investors have now filed an additional lawsuit against a company reporting GDPR-related difficulties. As discussed further below, on August 8, 2018, investors filed a lawsuit against Nielsen Holdings plc after the media performance ratings company disclosed in its quarterly earnings release that GDPR-related changes affected the company’s growth rate, pressured the company’s partners and clients, and disrupted the company’s advertising “ecosystem.”  The Nielsen lawsuit underscores the suggestion that privacy-related concerns could be a significant source of corporate liability.
Continue Reading Investors Filed GDPR-Related Securities Suit Against Nielsen Holdings

It was perhaps inevitable after Facebook’s disappointing quarterly earnings announcement last week triggered what reportedly is the largest single day share price drop ever that securities class action lawsuits against the company would follow. And indeed on Friday at least two securities class action lawsuits were filed against the company. While the lawsuit filings may have been predictable, at least one of the lawsuits contains an interesting and unexpected variant on the standard pattern –  one of the two lawsuits contains allegations that the company made misrepresentations about its readiness for the May 2018 effective date of General Data Protection Regulation (GDPR) and about the impact of GDPR compliance on the company’s business and operations. As discussed below, these allegations reflect the growing liability exposures arising from growing privacy-related concerns and regulation.  
Continue Reading Massive Facebook Stock Drop Draws GDPR-Related Securities Suit

Earlier this year, after Facebook was sued in a securities class action following news that it had given access to personal user information to Cambridge Analytica, I questioned whether privacy issues might represent the next big corporate liability exposure. Among other things, in making this suggestion, I was taking into consideration that fact that the EU’s General Data Protection Regulation (GDPR) was about to go into effect. More recent developments confirm my view that privacy issues likely will represent an area of specific and growing concern and potential liability for companies, their management, and their boards.
Continue Reading California Enacts Sweeping Privacy Legislation

Keith B. Daniels, Jr.

The European Union General Data Protection Regulation (GDPR) is scheduled to go into effect in May 2018. This directive has significant implications for any company that offers product or services to EU residents. In the following guest post, Keith B. Daniels, Jr., Esq., an attorney and the founder of CyberCounsel, takes a detailed look at the EU directive and reviews its implications for affected companies and their insurers. I would like to thank Keith for allowing me to publish his article on my site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Keith’s article.
Continue Reading Guest Post: Directors Beware: The EU’s General Data Protection Regulation Is Upon Us!