Category Archives: Privacy

Subscribe to Privacy RSS Feed

Seventh Circuit Issues Landmark BIPA Decision

Kari RollinsDavid PoellBy Kari Rollins and David Poell on Posted in Biometrics, Consumer Privacy
The Seventh Circuit has recently ruled that plaintiffs have standing to enforce the Illinois Biometric Information Privacy Act’s informed consent requirements in federal court. As we have written before, , BIPA regulates the collection, use, and retention of a person’s biometric information, e.g., fingerprints, face scans, etc. For years, federal trial courts have been split … Continue Reading

Using Health Data in Europe During COVID-19

Snehal DesaiBy Snehal Desai on Posted in COVID-19, EU Privacy, GDPR, Healthcare Privacy
The EDPB recently issued guidelines about how to use health data during the current pandemic in compliance with GDPR. Given the COVID-19 pandemic, there have been many research efforts in place to fight against the virus.  The EDPB’s guidelines shed light on the special rules for processing health data for scientific research, which apply in … Continue Reading

Privacy and Data Protection Enactment and Enforcement Timelines During COVID-19

Julia KadishKari RollinsBy Julia Kadish and Kari Rollins on Posted in California, CCPA, Consumer Privacy, COVID-19, Data Protection, New York Privacy
During COVID-19, in certain areas of the law, we have seen significant flexibility from regulators and government agencies in how they are addressing typical approval processes and/or compliance requirements. In the context of privacy and cybersecurity regulations, largely, regulators are emphasizing that personal privacy and data security are important now more than ever. New information … Continue Reading

FTC Settles with Company Over Alleged Deceptive Security Practices

Kari RollinsJulia KadishBy Kari Rollins and Julia Kadish on Posted in Data Security, FTC, Privacy
The FTC recently settled with smart lock maker Tapplock, Inc., a Canadian company, over allegations that it deceived consumers with false claims about its product’s security practices. These allegations arose based on vulnerabilities that a security researcher demonstrated – not in the aftermath of a data security breach where these complaints often originate.… Continue Reading

FCC Ruling Helps Clarify What COVID-19 Texts and Calls Are “Emergency” Under TCPA

Liisa ThomasDavid PoellBy Liisa Thomas and David Poell on Posted in COVID-19, Mobile Privacy
The FCC recently issued a declaratory ruling explaining what calls and text message alerts it viewed as “emergency” for purposes of the Telephone Consumer Protection Act. Under TCPA, requirements to obtain consent to make certain calls and texts to cell phone numbers do not apply when a message is an “emergency.” Under the FCC’s new … Continue Reading

Apple Eases Push Notification and Other Privacy Restrictions

Liisa ThomasBridget RussellBy Liisa Thomas and Bridget Russell on Posted in Communication Privacy, Mobile Privacy, Online Privacy
Apple recently revised its review guidelines to allow push notifications that include “advertising, promotions, or direct marketing.”  This changes a prior -and longstanding- prohibition on push notices that contain such content. Customers must affirmatively opt in to get promotional push notices, though (“through consent language displayed in your app’s UI”). They must also be able … Continue Reading

Turn On the Camera Part Three: Fulfilling CCPA Training Obligations in the Face of COVID-19

Liisa ThomasCraig CardonRachel Tarko HudsonBy Liisa Thomas, Craig Cardon and Rachel Tarko Hudson on Posted in CCPA, Consumer Privacy, COVID-19, GDPR, Online Privacy
As many who have been tracking CCPA are aware, the law requires training employees who handle consumer inquiries, and ensuring that employees understand how to help consumers exercise their rights. Since most of those rights requests are arriving by web page, email, and phone, it is unlikely that rights requests will slow in the face … Continue Reading

NY SHIELD Act Data Security Requirements Effective This Month

Julia KadishBy Julia Kadish on Posted in Data Breach, Data Security, New York Privacy
Businesses collecting personal information from New York residents will soon be expected to apply enhanced data security requirements. The New York SHIELD Act, signed into law in July 2019, expanded breach notice requirements in October 2019. Now, On March 21, 2020, the remaining provisions related to data security will also come into effect. As we … Continue Reading

FTC Releases 2019 Privacy and Security Year in Review

Julia KadishBy Julia Kadish on Posted in Consumer Privacy, COPPA, FTC, Online Privacy
The FTC recently released its annual privacy and security report, providing a snapshot of the issues focused on in the previous year. These reports are often looked at as a signal for insights into the agency’s upcoming priorities. Generally, the report contains a summary of the FTC’s enforcement, advocacy, and rulemaking actions from 2019, a … Continue Reading

European Parliament Weighs in on Automated Decision-Making

Elfin NoceBy Elfin Noce on Posted in EU Privacy
The European Parliament recently issued a resolution directed at the European Commission on its concerns with automated decision-making processes and artificial intelligence. While the EU Parliament addresses several areas of automated decision-making, the underlying theme of this resolution is that the Commission should ensure that there is transparency and human oversight of these processes. In … Continue Reading

And the Modified Proposed CCPA Regulations are Here!

Craig CardonRachel Tarko HudsonLiisa ThomasJulia KadishBy Craig Cardon, Rachel Tarko Hudson, Liisa Thomas and Julia Kadish on Posted in California, California Privacy, CCPA, Consumer Privacy
On February 10, the California Attorney General’s office released a highly anticipated updated draft of the proposed CCPA regulations. This draft corrected a version first issued on February 7, 2020. These latest updates follow the four public hearings held in December 2019 and nearly 1,700 pages of comments submitted after the AG first released the initial proposal … Continue Reading

FTC Finalizes Five Settlements Regarding Privacy Shield Claims

Elfin NoceBy Elfin Noce on Posted in EU Privacy, Privacy Shield
The FTC recently finalized settlements with five companies over allegations that they falsely claimed certification under the EU-U.S. Privacy Shield framework. In each complaint, the FTC alleged that DCR Workforce, Inc., Thru, Inc., LotaData, Inc., and 214 Technologies, Inc. made false and misleading representations when they stated that they participated under the Privacy Shield framework … Continue Reading

NAI’s 2020 Code Effective January 1 Along with CCPA

Liisa ThomasElfin NoceJulia KadishBy Liisa Thomas, Elfin Noce and Julia Kadish on Posted in Behavioral Advertising, Consumer Privacy, Online Privacy
The Network Advertising Initiative, which provides guidance to advertisers who engage in personalized advertising, updated its Code of Conduct (2020 Code) earlier this year to address, inter alia, data collected offline and used for tailored advertising, as well as CCPA and TV-based tailored advertising. In anticipation of the January 1, 2020 effective date of the … Continue Reading

New European Data Protection Board Guidance on Data Protection by Design and by Default

Liisa ThomasKari RollinsElfin NoceBy Liisa Thomas, Kari Rollins and Elfin Noce on Posted in Data Security, EU Privacy, GDPR
The European Data Protection Board recently requested comments on its data protection “by design and default” guidelines. Comments are due by mid-January of next year. The Guidelines provide clarity about how to address GDPR’s requirement that companies take “appropriate” technical and organizational steps to protect personal information and individuals. Part of the law’s requirements, according … Continue Reading

The Privacy Shield Survives Another EU Commission Review, For Now…

Liisa ThomasRachel Tarko HudsonRebecca MackinJulia KadishBy Liisa Thomas, Rachel Tarko Hudson, Rebecca Mackin and Julia Kadish on Posted in Consumer Privacy, EU Privacy
The EU Commission concluded its third annual review of the EU-U.S. Privacy Shield and found that it continues to provide an adequate level of protection for EU personal data. The program was created as a mechanism to facilitate transfers of personal data from the EU to the US. It is reviewed annually by the EU … Continue Reading

California Follows Vermont, Requires Data Broker Registration

Liisa ThomasJulia KadishBy Liisa Thomas and Julia Kadish on Posted in California Privacy, CCPA, Consumer Privacy
Joining Vermont, California will now require data brokers to register with the California Attorney General. The law was signed October 11, 2019. It applies to companies that “knowingly” collect and sell personal information about consumers with whom they do not have a “direct relationship.” They must register with the AG by January 31, 2020.… Continue Reading

A Single Text Message May Not Violate TCPA

Shannon PetersenLiisa ThomasLisa YunElfin NoceBy Shannon Petersen, Liisa Thomas, Lisa Yun and Elfin Noce on Posted in Communication Privacy, Consumer Privacy, TCPA
As we reported in our sister blog, “One ‘Chirp, Buzz, Or Blink’ Is Not Enough To Sue Under the TCPA”, a recent court decision makes it more difficult for plaintiffs to establish standing under the Telephone Consumer Protection Act. In its decision, the Eleventh Circuit ruled that a single text message from an attorney to … Continue Reading

CNIL Issues Record-Keeping Guidance

Liisa ThomasSylvie RousseauRebecca MackinBy Liisa Thomas, Sylvie Rousseau and Rebecca Mackin on Posted in EU Privacy, GDPR
Under GDPR, companies are required to keep certain records of their processing activities. There has been some question about the types of records controllers should keep. To help clarify the questions arising from many companies, CNIL issued guidance recently about how to fulfill record keeping obligations. The guidance includes an RPA template for controllers, and outlines contents to … Continue Reading
LexBlog

By scrolling this page, clicking a link or continuing to browse our website, you consent to our use of cookies as described in our Cookie and Advertising Policy. If you do not wish to accept cookies from our website, or would like to stop cookies being stored on your device in the future, you can find out more and adjust your preferences here.

Agree