Enforcement

Subscribe to Enforcement

On July 28, 2022, a federal judge approved TikTok’s $92 million class action settlement of various privacy claims made under state and federal law, which will resolve litigation that began in 2019 and involved claims that TikTok violated the Illinois Biometric Information Privacy Act and the federal Video Privacy Protection Act.
Continue Reading Judge Approves $92 Million TikTok Settlement

On July 1, 2022, the California Privacy Protection Agency sent U.S. House of Representatives Speaker Nancy Pelosi a memo outlining how H.R. 8152, the bipartisan American Data Privacy and Protection Act, would lessen privacy protections for Californians, and California Democrats have joined the cause.
Continue Reading California Privacy Protection Agency Issues Memo Opposing Federal Privacy Legislation, and California Democrats Join the Cause

On June 29, 2022, the U.S. Department of Health and Human Services issued two guidance documents to “help protect patients seeking reproductive health care, as well as their providers” following the Supreme Court’s decision in Dobbs vs. Jackson Women’s Health Organization.
Continue Reading HHS Issues Post-Dobbs Guidance to Protect Patient Privacy

On June 24, 2022, the New York State Department of Financial Services announced it had entered into a $5 million settlement with Carnival Corp., the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation in connection with four cybersecurity events between 2019 and 2021, including two ransomware events.
Continue Reading NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

On June 23, 2022, Italy’s data protection authority determined that a website’s use of the audience measurement tool Google Analytics is not compliant with the EU General Data Protection Regulation, as the tool transfers personal data to the United States, which does not offer an adequate level of data protection.
Continue Reading Italian Garante Bans Google Analytics

Earlier this month, the U.S. Department of Health and Human Services Office for Civil Rights released guidance to help covered entities understand how they can use remote communication technologies for audio-only telehealth in compliance with the HIPAA Privacy and Security Rules. Specifically, the Guidance clarifies how audio-only telehealth can be conducted after OCR’s Notification of Enforcement Discretion for Telehealth, put in place during the COVID-19 pandemic, is no longer in effect.
Continue Reading HHS Releases Guidance on Audio-Only Telehealth Practices

On June 16, 2022, the Federal Trade Commission issued a report to Congress titled Combatting Online Harms Through Innovation that urges policymakers and other stakeholders to exercise “great caution” about relying on artificial intelligence to combat harmful online content.
Continue Reading FTC Issues Report to Congress on Using AI to Combat Online Harms