On August 8, 2019, the FTC announced that Unrollme Inc. (“Unrollme”), an email management company, agreed to settle allegations the company deceived consumers about how it accesses and uses their personal emails. Unrollme offered users a service whereby the company would help unsubscribe users from unwanted subscription emails. In connection with this service, Unrollme required users to provide the company with access to their email accounts. The FTC alleged that Unrollme falsely told consumers it would not “touch” their personal emails. In fact, the FTC alleged, Unrollme shared its users’ email receipts (“e-receipts”) (i.e., emails sent to consumers following a completed transaction) with its parent company, Slice Technologies, Inc. The FTC’s complaint alleged that the parent company used information from the e-receipts (such as the user’s name, address, and information about products or services the individual purchased) for purposes of its own market research analytics products.
Continue Reading
U.S. Federal Law
Ninth Circuit Allows Class Action Challenging Facebook’s Facial Recognition Technology Under Illinois BIPA
Posted on
On August 8, 2019, the United States Court of Appeals for the Ninth Circuit allowed a class action brought by Illinois residents to proceed against Facebook under the Illinois Biometric Information Privacy Act. This blog entry provides details on the case.…
Continue Reading
Facebook to Settle with SEC for $100 Million
Posted on
In addition to the record-breaking $5 billion penalty to the FTC penalty and settlement order, on July 24, 2019, the SEC announced charges against Facebook for inadequate and misleading disclosures over its privacy practices.…
Continue Reading
UPDATE: FTC Announces Record-Breaking Facebook Settlement Order
Posted on
Facebook will pay a $5 billion penalty to the FTC to resolve a privacy probe into whether Facebook violated a prior FTC consent decree requiring the company to better protect user privacy.…
Continue Reading
FTC Approves Settlement with Google Related to YouTube’s Alleged COPPA Violations
Posted on
According to media reports, the Federal Trade Commission has approved a multimillion dollar fine as part of a settlement with Google related to the FTC’s investigation into YouTube’s children’s data privacy practices. The FTC found that, in violation of COPPA, Google had failed to adequately protect children under 13 who used the video-streaming service and improperly collected their data.
…
Continue Reading
FTC Seeks Comment on COPPA Rule
Posted on
Posted in Children’s Privacy, U.S. Federal Law
On July 17, 2019, the Federal Trade Commission published a notice in the Federal Register announcing an accelerated review of its Children’s Online Privacy Protection Rule, seeking feedback on the effectiveness of the 2013 amendments to the Rule, and soliciting input on whether additional changes are needed.…
Continue Reading
Organizational Accountability in U.S. Law and Its Relevance to a Federal Data Privacy Law: A CIPL Study
Posted on
The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP recently published a white paper on Organizational Accountability’s Existence in U.S. Regulatory Compliance and its Relevance for a Federal Data Privacy Law.…
Continue Reading
CIPL Publishes Q&A on Organizational Accountability in Data Protection
Posted on
The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP recently published a Q&A document on organizational accountability in data protection.…
Continue Reading
FTC Approves Record $5 Billion Settlement with Facebook
Posted on
According to media reports, the Federal Trade Commission has approved a roughly $5 billion settlement with Facebook, Inc. to resolve a privacy probe investigating whether Facebook had violated a prior FTC consent decree requiring the company to better protect user privacy.…
Continue Reading
FTC Takes Action Against Companies Misrepresenting Compliance with the EU-U.S. Privacy Shield and Other International Privacy Agreements
Posted on
On June 14, 2019, the Federal Trade Commission announced that it has taken action against a number of companies that allegedly misrepresented their compliance with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks and other international privacy agreements. This blog entry provides an overview of these developments.…
Continue Reading