In Episode 2 of ComplianceTalk, Michele and Chad take on areas where regulators and plaintiffs’ lawyers are clearly turning up the heat. One of the most notable? The resurgence of enforcement and litigation under the California Invasion of Privacy Act (CIPA) – particularly, how the law is now being applied to everyday website technologies like cookies, pixels, and analytics tools. Although CIPA was originally designed to prevent eavesdropping on phone calls, it’s increasingly being used to challenge online tracking practices that operate without proper consumer consent. And because the statute allows per‑violation statutory damages, even routine website activity can translate into significant exposure if compliance gaps exist.
The episode also highlights evolving TCPA risk areas, including continued uncertainty around the FCC’s partially delayed “Revoke All” revocation rule, growing litigation over how quickly revocation requests are honored, and an increase in procedural claims such as time‑of‑day calling violations. In addition, state‑level “mini‑TCPA” laws are gaining traction, with expanded definitions and new private rights of action that allow plaintiffs to stack claims and increase liability. Together, these developments underscore the importance of proactively reviewing website tracking, consent management, dialing practices, and internal compliance processes as enforcement activity accelerates.