News

On July 9, 2019, the European Court of Justice (CJEU) heard oral arguments on a landmark case concerning Facebook’s transfer of personal data from the EU to the US on the basis of the currently utilized “standard contractual clauses” (SCCs) mechanism. The CJEU’s decision — will have tangible consequences for businesses performing data transfers from […]

On June 6, 2019 Maine’s governor signed into law LD 946, “An Act To Protect the Privacy of Online Customer Information.” The Act applies to broadband internet service providers (ISPs) defined as any “mass-market retail service by wire or radio that provides the capability to transmit data to and receive data from all or substantially all […]

  On June 28, 2019, the Garante per la protezione dei dati personali, the Italian Data Protection Authority issued a EUR 1 million fine against Facebook following the scandal of Cambridge Analytica. See here for more info. According to the Italian DPA, 57 Italian users downloaded the incriminated application through the Facebook login function. This […]

On May 31, 2019, the District of Columbia Superior Court issued an order rejecting Facebook’s request to dismiss or to stay a data privacy litigation brought under a state consumer protection statute. The case is interesting because the order deals with the decision of a state court on the applicability of state general consumer protection […]

    On June 4, 2019, the United States District Court for the Southern District of New York granted Defendant’s motion to dismiss since the company mooted Plaintiff’s claims and for lack of personal jurisdiction over Defendant. By way of background, Plaintiff alleged that Defendant’s website denied equal access to visually-impaired customers and that Defendant’s […]

On October 8, 2018, the Italian Garante per la Protezione dei Dati Personali, the Italian data protection authority, DPA, released instructions on how to maintain a record of processing activities, as well as a sample document compliant with Regulation (EU) no. 679/2016, the General Data Protection Regulation, GDPR. The record – to be maintained by […]

  On May 28, 2019, Attorney General Mark Brnovich announced a settlement with healthcare software providers Medical Informatics Engineering Inc. and NoMoreClipboard, LLC regarding some claims brought against them under the federal Health Insurance Portability and Accountability Act (HIPAA). By way of background. Defendants were business associates that were providing health records services that enabled […]

  On June 14, 2019, the FTC reached a settlement with  SecurTest, Inc., a background screening company over allegations that it falsely claimed to be a participant in the EU-U.S. Privacy Shield program. This is the result of the FTC taking action against false claims of participating to the EU-US Privacy Shield Framework. See here. […]

  On June 7, 2019, the US Court of Appeal for the Sixth Circuit held that the district court did not err in awarding judgment in favor of business as it was exempt from liability under a “consequential damages waiver” contained in the “Merchant Agreement” executed with the data processing company. By way of background. Two […]

On June 6, 2019 Attorney General Letitia James, announced a $65,000 settlement with online retailer Bombas LLC for failing to provide notice of payment cards consumers’ data breach that affected 39,561 consumers. In 2014 unauthorized intruders inserted malicious software code to steal payment card information into the ecommerce platform supporting Bombas’ website. Intruders accessed customer […]