“C” is Not Just for “Cookie” Anymore: CIPA, class actions, and steps to help reduce your company’s CIPA litigation risk

Felicity Slater
Sam Castic
Danielle Ocampo
Felicity Slater | Hintze Law PLLC
Sam Castic | Hintze Law PLLC
Danielle Ocampo | Freeman Mathis & Gary LLP

Live Video-Broadcast: July 29, 2024

“C” is Not Just for “Cookie” Anymore: CIPA, class actions, and steps to help reduce your company’s CIPA litigation risk

$195.00 2 hour CLE

MCLE Credit Information:

Select Your State Below to View CLE Credit Information

Can't Decide Which CLE Program?

Access All
Federal Bar Association Programs
Co-Sponsored by myLawCLE
Only $395yr

Annual Subscription includes access to:
  • 500+ Live CLE Webinars
  • National Hot Legal Topics
  • New Laws and Regulations
  • State Specific Programs
  • All Formats: Live, Replay, & On-Demand
Subscribe Today
Training 5 or more people?

Sign-up for a law firm subscription plan and each attorney in the firm receives free access to all CLE Programs

Program Summary

Session I - CIPA Compliance Strategies – Felicity Slater and Sam Castic

This session will delve into the specific risks posed by cookies, pixels, and tracking technologies, and guide participants through the process of conducting a thorough tracking technology practice review. Attendees will learn best practices for configuring data tracking technologies to ensure compliance, along with the importance of ongoing monitoring and governance. The session will also cover the crucial roles of cookie banners and privacy notice updates and provide insights into key considerations for vendor contracting. By understanding how to effectively manage consents and notifications and integrating UX considerations, participants will be equipped to enhance their CIPA compliance strategies and protect consumer privacy.

Key topics to be discussed:

  • Identifying common pitfalls and areas of risk for companies
  • How cookies, pixels, and tracking technologies create CIPA risk
  • Conducting a tracking technology practice review
  • Configuring data tracking technologies transmit
  • Implementing ongoing monitoring & governance
  • The role of cookie banners
  • Privacy notice updates
  • Key vendor contracting considerations
  • Making the most of consents and notifications
  • UX considerations

Session II - CIPA Litigation – Danielle Ocampo

This session provides a thorough exploration of the California Invasion of Privacy Act (CIPA) and its key provisions, outlining what legally constitutes an invasion of privacy. Participants will gain insight into the litigation risks associated with CIPA and related laws, learning how to effectively address CIPA demand letters and claims. The session will also highlight recent developments and case studies, offering practical examples and lessons learned from recent CIPA-related litigation. Attendees will leave with a deeper understanding of the legal landscape surrounding CIPA and strategies for mitigating litigation risks.

Key topics to be discussed:

  • The California Invasion of Privacy Act (CIPA)
  • Key Provisions of CIPA: what constitutes an invasion of privacy?
  • Litigation risks of CIPA and related laws
  • Dealing with CIPA demand letters and claims
  • Recent developments and case studies related to CIPA

This course is co-sponsored with myLawCLE.

Date / Time: July 29, 2024

  • 11:00 am – 1:10 pm Eastern
  • 10:00 am – 12:10 pm Central
  • 9:00 am – 11:10 am Mountain
  • 8:00 am – 10:10 am Pacific

Closed-captioning available

Speakers

Felicity Slater_FedBarFelicity Slater | Hintze Law PLLC

Felicity Slater (CIPP/US) is an Associate at Hintze Law, an AI, privacy, and security law firm. Felicity has experience with global data protection issues, including data breach notification laws, privacy impact assessments, GDPR, and privacy statements. She was most recently a Policy Fellow at the Future of Privacy Forum, where she performed research and analysis of consumer privacy laws, bills, and regulatory activity on the FPF’s U.S. Legislation team.

 

Sam Castic_FedBarSam Castic | Hintze Law PLLC

Sam Castic is based in Seattle where he is a partner with Hintze Law, an AI, privacy, and security law firm. Sam regularly helps clients to establish, scale, and right-size privacy programs. Sam has more than fifteen years of experience as a privacy leader and lawyer. He previously worked as chief privacy officer for global fintech Blackhawk Network, and as head of privacy for Nordstrom.

 

Danielle Ocampo_FedBarDanielle Ocampo | Freeman Mathis & Gary LLP

Danielle A. Ocampo is an Attorney with the Data Security, Privacy & Technology practice group at Freeman Mathis & Gary LLP. Danielle’s practice consists of data privacy and data breach litigation as well as incident response. Danielle is a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy Professionals (IAPP) and a member of the California Lawyers Association Privacy Section’s Publications Committee. She recently became an Executive Committee member of the Bar Association of San Francisco Cybersecurity and Privacy Law Section.

Throughout law school at Loyola Marymount University, Danielle interned in-house at Indeed.com and Intuitive Surgical, Inc. focusing on Data Privacy and Cybersecurity matters. Danielle’s first experience in-house was at Edwards Lifesciences as a Los Angeles Intellectual Property Law Association Diversity Fellow. Prior to law school, Danielle was a Business and Administrative Professional at Bayer’s agricultural tech arm The Climate Corporation. Before venturing into the Technology sector, Danielle was a Business Development Coordinator at the multinational law firm Paul Hastings LLP in the Bay Area where she advanced the business initiatives of the Employment Law practice and co-chaired the Asian affinity network for the Palo Alto office. Danielle joined Paul Hastings in 2017 as a Business Development Intern focused on client industry growth at the firm’s Los Angeles office. During this time, Danielle was also a full-time graduate student at the University of Southern California School of Public Policy where she earned her Master of Public Administration degree. Danielle graduated from the University of California Davis cum laude in 2016 with a B.A. double majoring in Political Science and International Relations with a minor in Managerial Economics.

Danielle is currently a member of the Filipino American Bar Association of Northern California. Additionally, since 2020, Danielle has committed herself to serving as Program Director for the National Federation of Filipino-American Associations’ (NaFFAA) Empowering Pilipino Youth through Collaboration (EPYC), a national youth leadership development program and NaFFAA’s strongest initiative. Danielle is passionate about building the pipeline of Filipino-American talent to increase visibility of Filipino-Americans in professional and community spaces, especially within the legal profession.

Agenda

Session I – CIPA Compliance Strategies | 11:00am – 12:00pm

  • Identifying common pitfalls and areas of risk for companies
  • How cookies, pixels, and tracking technologies create CIPA risk
  • Conducting a tracking technology practice review
  • Configuring data tracking technologies transmit
  • Implementing ongoing monitoring & governance
  • The role of cookie banners
  • Privacy notice updates
  • Key vendor contracting considerations
  • Making the most of consents and notifications
  • UX considerations

Break | 12:00pm – 12:10pm

Session II – CIPA Litigation | 12:10pm – 1:10pm

  • The California Invasion of Privacy Act (CIPA)
  • Key Provisions of CIPA: what constitutes an invasion of privacy?
  • Litigation risks of CIPA and related laws
    • Cases that can emerge unlawful use of person, data tracking, data breach class actions, pen registry/trap & trace, wiretapping, VPPA
    • Potential actual and statutory damages
  • Dealing with CIPA demand letters and claims
    • Individual demand
    • Arbitration
    • Mass arbitration
    • Class action
    • Defenses
  • Recent developments and case studies related to CIPA
    • Latest cases for data tracking