In Part Two of this FAQ series, we continue to break down Virginia’s Senate Bill 754, Consumer Protection Act; prohibited practices, etc., reproductive or sexual health information (Act), which amends the Virginia Consumer Protection Act (VCPA). The law went into effect on July 1, 2025.
Register Here
Wednesday, July 23 • 12:00 – 2:10 p.m. ET
Troutman Pepper Locke attorneys Dave Navetta, Gene Fishel, and Dan Waltz will participate in an upcoming CLE with myLawCLE discussing the evolving landscape of data privacy regulation across the United States. This panel discussion will offer an in-depth analysis of state-level data privacy laws, with a focus on pioneering regulations such as California’s Consumer Privacy Act and Virginia’s Consumer Data Protection Act, along with other notable state-specific legislative measures. Our panelists will explore the complexities of these laws, emphasizing key differences and similarities that affect both businesses and consumers.
In this episode of the Regulatory Oversight podcast, Stephen Piepgrass welcomes David Navetta, Lauren Geiser, and Dan Waltz to discuss the $51.75 million nationwide class settlement involving Clearview AI and its broader implications. The conversation focuses on Clearview AI’s facial recognition software, which has sparked controversy due to its use of publicly available images to generate biometric data.
Introduction
On Thursday, March 20, a federal judge in the Northern District of Illinois granted final approval to a settlement agreement under which Clearview AI (Clearview) agreed to pay an estimated $51.75 million to a nationwide class if one of several contingencies takes place. This approved settlement agreement resolves In Re: Clearview AI, Inc. Consumer Privacy Litigation, No. 1:21-cv-00135 (N.D. Ill.), a multidistrict suit alleging that the company’s automatic collection, storage, and use of biometric data violated various privacy laws, including Illinois’ Biometric Information Privacy Act (BIPA). The unorthodox settlement not only preserves Clearview’s business model, but may also insulate Clearview from subsequent or parallel regulatory investigations without requiring the company to jeopardize the liquidity necessary for continued growth. Ultimately, this settlement seems to represent a good outcome for the company, especially in light of the fact that that it was achieved over the objections from 23 state attorneys general (AG). U.S. District Judge Sharon Johnson Coleman stated that the settlement is fair, reasonable, and adequate.
The new Department of Justice (DOJ) Data Security Program (DSP) took effect on April 8. For an overview of the DSP, see our earlier advisory and recent update.
What’s Happening?
Under the Department of Justice’s (DOJ) “Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons” rules (the Rules), allowing access outside the United States to certain types of sensitive personal data involving “countries of concern” may be restricted or prohibited beginning on April 8. See our previous advisory for more detail.