On January 4, 2023, the Irish Data Protection Commission announced the conclusion of two inquiries into the data processing practices of Meta Platforms, Inc. on the Instagram and Facebook platforms.
Continue Reading Meta Fined €390 Million by Irish DPC for Alleged Breaches of GDPR, Including in Behavioral Advertising Context

On November 25, 2022, Ireland’s Data Protection Commission released a decision fining Meta Platforms, Inc. €265 million for a 2019 data leak involving the personal information of approximately 533 million Facebook users worldwide.
Continue Reading Irish Data Protection Commission Fines Meta €265 Million for Privacy Violations

On November 21, 2022, Meta Platforms, Inc. announced updated practices designed to protect the privacy of young people on Facebook and Instagram, including default privacy settings for new accounts, measures to limit unwanted interactions with adult users, and a tool to limit the spread of teens’ intimate images online.
Continue Reading Meta Announces New Privacy Measures to Protect Teen Users’ Privacy

On October 31, 2022, the Consumer Financial Protection Bureau announced that it will re-open the public comment period on their October 2021 Orders for six large technology companies operating payments platforms to provide information about their business practices.
Continue Reading CFPB Re-Opens Public Comment on Prior Orders Seeking Information on Big Tech Payment Platforms

On February 14, 2022, Texas Attorney General Ken Paxton brought suit against Meta over the company’s collection and use of biometric data. The suit alleges that Meta collected and used Texans’ facial geometry data in violation of the Texas Capture or Use of Biometric Identifier Act and the Texas Deceptive Trade Practices Act.
Continue Reading Texas AG Sues Meta Over Collection and Use of Biometric Data

The Austrian data protection authority recently published a decision finding that the use of Google Analytics cookies violates both Chapter V of the GDPR, which establishes the rules on international data transfers, and the Schrems II judgment of the Court of Justice of the European Union.
Continue Reading Austrian DPA Finds Data Transfers Resulting from Analytics Cookie Use to Be in Violation of GDPR Data Transfer Requirements