On December 1, 2022, the Office for Civil Rights at the U.S. Department of Health and Human Services released a Bulletin on the obligations of HIPAA covered entities and business associates under the HIPAA Privacy, Security, and Breach Notification Rules when using online tracking technologies.
Continue Reading HHS Releases Bulletin on Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates
Online Privacy
Irish Data Protection Commission Fines Meta €265 Million for Privacy Violations
On November 25, 2022, Ireland’s Data Protection Commission released a decision fining Meta Platforms, Inc. €265 million for a 2019 data leak involving the personal information of approximately 533 million Facebook users worldwide.
Continue Reading Irish Data Protection Commission Fines Meta €265 Million for Privacy Violations
CPPA Announces Meeting to Discuss CPRA Rulemaking and Other Updates
On December 6, 2022, the California Privacy Protection Agency announced that it will hold a virtual public meeting to discuss the status of the California Privacy Rights Act of 2020 rulemaking process and other topics.
Continue Reading CPPA Announces Meeting to Discuss CPRA Rulemaking and Other Updates
Meta Announces New Privacy Measures to Protect Teen Users’ Privacy
On November 21, 2022, Meta Platforms, Inc. announced updated practices designed to protect the privacy of young people on Facebook and Instagram, including default privacy settings for new accounts, measures to limit unwanted interactions with adult users, and a tool to limit the spread of teens’ intimate images online.
Continue Reading Meta Announces New Privacy Measures to Protect Teen Users’ Privacy
UK Cyber Laws Extended to Bring Outsourcers and Managed Service Providers into Scope to Strengthen UK’s Resilience Against Online Cyber Attacks
On November 30, 2022, the UK government confirmed that the Network and Information Systems Regulations 2018 will be strengthened to protect essential and digital services against cyber attacks.
Continue Reading UK Cyber Laws Extended to Bring Outsourcers and Managed Service Providers into Scope to Strengthen UK’s Resilience Against Online Cyber Attacks
The UK ICO and Ofcom to Work Together on Online Safety and Data Protection
On November 25, 2022, the UK Information Commissioner’s Office and the UK’s communications regulator, Ofcom, issued a joint statement setting out how they intend to work together to “ensure coherence between the data protection and the new online safety regimes.”…
Continue Reading The UK ICO and Ofcom to Work Together on Online Safety and Data Protection
Class Action Lawsuits Continue Targeting Companies For Tracking Users’ Website Activity
Plaintiff’s firms continue to file variations of state law wiretapping lawsuits over “session replay” software and “live chat” or “chatbot” applications in various jurisdictions.
Continue Reading Class Action Lawsuits Continue Targeting Companies For Tracking Users’ Website Activity
Facebook’s $90M Privacy Deal Gets Final Nod Over Objections
On November 14, 2022, Judge Edward J. Davila of the Northern District of California approved a $90 million privacy settlement against Meta Platforms, Inc. for unlawfully tracking user information when users were logged out of the site.
Continue Reading Facebook’s $90M Privacy Deal Gets Final Nod Over Objections
House Energy and Commerce Leaders Demand Information from Various Toy Manufacturers
On October 26, 2022, House Energy and Commerce Committee and Consumer Protection and Commerce Subcommittee leaders sent letters to several toy manufacturers, including Bandai Namco, Hasbro, Mattel, MGA Entertainment, LEGO Group and the Toy Association, asking how they plan to protect children and their information from BigTech companies like TikTok and YouTube.
Continue Reading House Energy and Commerce Leaders Demand Information from Various Toy Manufacturers
Pennsylvania Amends Breach Notification Law
On November 3, 2022, Pennsylvania Governor Tom Wolf singed Senate Bill 636 into law, amending Pennsylvania’s breach notification law.
Continue Reading Pennsylvania Amends Breach Notification Law