As reported on the Hunton Retail Law Resource blog, the Federal Trade Commission settled charges with mobile advertising company Tapjoy, Inc., on allegations that the company failed to provide promised rewards in exchange for completed activities such as the payment of money, disclosure of sometimes-sensitive personal information or registration for “free trial” marketing offers.
Continue Reading FTC Pursues Advertising Network that Failed to Deliver In-Game Rewards in Exchange for Payment or Personal Information
Enforcement
FTC Announces Enforcement for Inadequate Third Party Risk Management Practices Under the GLBA’s Safeguards Rule
On December 15, 2020, the Federal Trade Commission announced a proposed settlement with Ascension Data & Analytics, LLC, a Texas-based mortgage industry data analytics company, to resolve allegations that the company failed to ensure one of its vendors was adequately securing personal information of mortgage holders.…
Continue Reading FTC Announces Enforcement for Inadequate Third Party Risk Management Practices Under the GLBA’s Safeguards Rule
FTC Issues Orders to Nine Social Media and Video Streaming Service Companies Regarding Privacy Practices
On December 14, 2020, the Federal Trade Commission announced that it had issued orders to nine social media and video streaming companies, requesting information on how the companies collect, use and present personal information, their advertising and user engagement practices and how their practices affect children and teens.…
Continue Reading FTC Issues Orders to Nine Social Media and Video Streaming Service Companies Regarding Privacy Practices
Irish DPA Issues €450,000 Fine Against Twitter for Data Breach Following EDPB Decision under the GDPR Consistency Mechanism
On December 15, 2020, the Irish Data Protection Commission announced its fine of 450,000 Euros against Twitter International Company, following its investigation into a breach resulting from a bug in Twitter’s design. The fine is the largest issued by the Irish DPC under the GDPR to date and is also its first against a U.S.-based organization. …
Continue Reading Irish DPA Issues €450,000 Fine Against Twitter for Data Breach Following EDPB Decision under the GDPR Consistency Mechanism
CNIL Fines Google and Amazon 135 Million Euros for Alleged Cookie Violations
On December 10, 2020, the French Data Protection Authority announced that it has levied fines on Google LLC, Google Ireland Limited and Amazon Europe Core for alleged violations of the French cookie rules. This post examines the French cookie rules, CNIL’s territorial jurisdiction, the investigations and the sanctions levied against each company.…
Continue Reading CNIL Fines Google and Amazon 135 Million Euros for Alleged Cookie Violations
CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations
On November 26, 2020, the French Data Protection Authority announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation and Article 82 of the French Data Protection Act governing the use of cookies. …
Continue Reading CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations
Dutch Court Overturns DPA Fine on Legitimate Interest Legal Basis
On November 23, 2020, the Dutch District Court of Midden-Nederland determined that the concept of a legitimate interest for processing is broader than simply being an interest derived from law, overturning a fine by the Dutch data protection authority.…
Continue Reading Dutch Court Overturns DPA Fine on Legitimate Interest Legal Basis
ICO Fines Ticketmaster £1.25 Million for Security Failures
On November 13, 2020, the UK Information Commissioner’s Office fined Ticketmaster UK Limited £1.25 million for failing to keep its customers’ personal data secure.…
Continue Reading ICO Fines Ticketmaster £1.25 Million for Security Failures
Zoom Settles with FTC Over Deceptive Security Claims
On November 9, 2020, the Federal Trade Commission announced it had entered into an consent agreement with Zoom Video Communications, Inc. to settle allegations that the video conferencing provider engaged in a series of unfair and deceptive practices that undermined the security of its user base, which, according to the FTC, has grown from 10 million users in December 2019 to 300 million in April 2020 during the COVID-19 pandemic.…
Continue Reading Zoom Settles with FTC Over Deceptive Security Claims
ICO Launches Consultation on Its Draft Statutory Guidance
On October 1, 2020, the UK Information Commissioner’s Office launched a public consultation on its draft Statutory Guidance, which provides an overview of the ICO’s powers and how it intends to regulate and enforce data protection legislation in the UK, including its approach to calculating fines.…
Continue Reading ICO Launches Consultation on Its Draft Statutory Guidance