On October 2, 2019, the UK Court of Appeal handed down its judgment on the appeal in Richard Lloyd v. Google LLC, in which Richard Lloyd, a consumer protection advocate, seeks to bring a representative action on behalf of four million Apple iPhone users against Google LLC in the United States. Previously, the High Court had refused to grant permission for the proceedings to be served outside the UK. The Court of Appeal reversed the High Court’s judgment, granting permission for service outside the UK and allowing the representative action to proceed. The judgment is significant as it paves the way for representative actions (equivalent to class actions) for data protection infringements in the UK.

Continue Reading

On September 24, 2019, the Court of Justice of the European Union released its judgments in cases C-507/17, Google v. CNIL and C-136/17, G.C. and Others v. CNIL regarding (1) the territorial scope of the right to be forgotten, and (2) the conditions in which individuals may exercise the right to be forgotten in relation to links to web pages containing sensitive data.
Continue Reading

As an update to our previous blog posts, the FTC announced that it and the New York Attorney General reached a $170 million agreement with Google to resolve allegations that the company violated COPPA through its YouTube platform. Under the agreement, Google will pay $136 million to the FTC and $34 million to New York. The FTC voted 3-2 to authorize the action.
Continue Reading

As an update to our previous blog post, according to media reports, Google has reached a settlement with the FTC in the range of $150 to $200 million over the agency’s investigation into the company’s alleged violations of COPPA through its YouTube platform. The settlement has not been announced by the FTC or Google, and the details of the settlement have not been made publicly available.
Continue Reading

On August 8, 2019, the FTC announced that Unrollme Inc. (“Unrollme”), an email management company, agreed to settle allegations the company deceived consumers about how it accesses and uses their personal emails. Unrollme offered users a service whereby the company would help unsubscribe users from unwanted subscription emails. In connection with this service, Unrollme required users to provide the company with access to their email accounts. The FTC alleged that Unrollme falsely told consumers it would not “touch” their personal emails. In fact, the FTC alleged, Unrollme shared its users’ email receipts (“e-receipts”) (i.e., emails sent to consumers following a completed transaction) with its parent company, Slice Technologies, Inc. The FTC’s complaint alleged that the parent company used information from the e-receipts (such as the user’s name, address, and information about products or services the individual purchased) for purposes of its own market research analytics products.

Continue Reading