The Children’s Advertising Review Unit (CARU), a self-regulatory advertising unit approved by the Federal Trade Commission (FTC) and administered by the Council of Better Business Bureaus, recently found issues with the advertising approach taken by two mobile applications for kids: KleptoCats and My Talking Tom. CARU monitors advertising and privacy practices and determines whether such […]
On March 25, 2019, the Supreme Court denied Zappo’s petition for certiorari allowing a class action to proceed for a 2012 data breach even though consumers didn’t establish they were injured by the breach. This is a setback for companies hoping to limit their liability in data breach cases. By way of background. On June […]
On March 26, 2019, Urzędu Ochrony Danych Osobowych (UODO), the Polish Data Protection Agency (DPA) imposed a fine of around $250,000 on a company for failure to fulfill its information obligation as a controller. The UODO explained that the controller did not meet the information obligation (Art. 14 (1) – (3), GDPR) in relation to […]
On Friday, March 22, 2019, the Washington State House of Representative’s Committee on Innovation, Technology and Economic Development held its first public hearing on the proposed privacy legislation, SB 5376. The Washington privacy act, SB 5376, was introduced January 17, 2019 and passed its third reading in the Senate with 46 votes (against 1) on March […]
Tags: DATA PROTECTION
On March 25, 2019, Vienna’s higher Regional Court (Oberlandesgericht Wien) ruled that “every citizen can not only file a complaint with the data protection authority, but also submit a lawsuit in courts.” See here. The claims is complicated and concerns Facebook’s breach of EU privacy laws. See here for more info. The admissibility of […]
On March 12, 2019, the European Data Protection Board (EDPB) published an opinion defining the GDPR’s scope of application and providing an interpretation on data protection authorities’ competences, tasks and powers. The Belgian Data Protection Authority (DPA) requested the EDPB to examine and issue an opinion on the interplay between the ePrivacy Directive (2002/58/EC) and […]
Update: In October 2019, the European Court of Justice held that in order to store cookies on user devices, the users must actively consent and that pre-checked checkbox that users must actively deselect is not a valid form of consent. The European Court of Justice also stated that all types of cookies require active consent, […]
On March 14, 2019, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, DPA) published on Netherlands Official Gazette its own General Data Protection Regulation (GDPR) fining policy. It is the first European Union (EU) country to do so. Article 83, GDPR, provides that DPAs can issue to controllers and processors “effective, proportionate and dissuasive” administrative fines […]
On December 3, 2018, the National Center for State Courts issued a survey on 2018 State of the State Courts. The annual national survey conducted the study on 1,000 registered voters November 13-17, 2018. The survey shows that there is some interest in alternative methods to dispute resolution. Voters with previous experience dealing with the […]
On January 10, 2019, the Italian Garante per la Protezione dei Dati Personali, the Italian data protection authority, DPA, released an opinion according to which the deceased continues to enjoy the protections provided for by the data protection legislation. In a case of alleged malpractice, an individual asked a healthcare company to allow access […]