On February 14, 2022, Texas Attorney General Ken Paxton brought suit against Meta over the company’s collection and use of biometric data. The suit alleges that Meta collected and used Texans’ facial geometry data in violation of the Texas Capture or Use of Biometric Identifier Act and the Texas Deceptive Trade Practices Act.
Continue Reading Texas AG Sues Meta Over Collection and Use of Biometric Data
Austrian DPA Finds Data Transfers Resulting from Analytics Cookie Use to Be in Violation of GDPR Data Transfer Requirements
The Austrian data protection authority recently published a decision finding that the use of Google Analytics cookies violates both Chapter V of the GDPR, which establishes the rules on international data transfers, and the Schrems II judgment of the Court of Justice of the European Union.
Continue Reading Austrian DPA Finds Data Transfers Resulting from Analytics Cookie Use to Be in Violation of GDPR Data Transfer Requirements
CNIL Fines Big Tech Companies 210 Million Euros for Cookie Violations
On December 31, 2021, the French Data Protection Authority (the “CNIL”) imposed a €150,000,000 fine on Google and a €60,000,000 fine on Facebook (now Meta) for violations of French rules on the use of cookies.
Continue Reading CNIL Fines Big Tech Companies 210 Million Euros for Cookie Violations
Facebook to End Use of Its Facial Recognition System
On November 2, 2021, Facebook parent Meta Platforms Inc. announced that it will shut down its “Face Recognition” system in coming weeks as part of a company-wide move to limit the use of facial recognition in its products. …
Continue Reading Facebook to End Use of Its Facial Recognition System
CFPB Orders Six Tech Companies to Provide Information on Payment Systems Data Practices
On October 21, 2021, the Consumer Financial Protection Bureau issued orders to Google, Apple, Facebook, Amazon, Square and PayPal requesting detailed information about their business practices in relation to payment systems they operate.
Continue Reading CFPB Orders Six Tech Companies to Provide Information on Payment Systems Data Practices
Irish DPC Draft Decision Permits Facebook to Rely on Contractual Necessity for Behavioral Advertising
The Irish Data Protection Commissioner has submitted a draft decision on Facebook Ireland Limited’s data protection compliance to other European regulators under the cooperation mechanism of the EU General Data Protection Regulation. The DPC proposed a fine for infringements of the transparency obligations under the GDPR, specifically with respect to the legal basis upon which Facebook relied. …
Continue Reading Irish DPC Draft Decision Permits Facebook to Rely on Contractual Necessity for Behavioral Advertising
Court Approves Settlement with HelloFresh Over Alleged TCPA Violations
On October 15, 2021, the U.S. District Court for the District of Massachusetts entered a final order approving a $14 million class action settlement resolving claims against Hello Fresh for alleged violations of the Telephone Consumer Protection Act, 47 U.S.C. § 227, et seq. According to plaintiffs’ attorneys, this settlement is the largest TCPA class action settlement in Massachusetts state history.
Continue Reading Court Approves Settlement with HelloFresh Over Alleged TCPA Violations
CJEU Issues Ruling on Jurisdictional Aspects of the GDPR’s One-Stop-Shop
On June 15, 2021, the Court of Justice of the European Union released its judgment in case C-645/19 of Facebook Ireland Limited, Facebook Inc., Facebook Belgium BVBA v. the Belgian Data Protection Authority. We provide highlights of the case in this blog entry.
Continue Reading CJEU Issues Ruling on Jurisdictional Aspects of the GDPR’s One-Stop-Shop
Irish High Court Permits DPC Inquiry into Facebook Transfers to Proceed
On May 14, 2021, the Irish High Court dismissed Facebook Ireland’s challenge to the Irish Data Protection Commissioner’s investigation into the company’s international transfers of personal data.
Continue Reading Irish High Court Permits DPC Inquiry into Facebook Transfers to Proceed
Supreme Court Adopts Narrow Interpretation of ATDS
On April 1, 2021, the Supreme Court issued its long-awaited opinion in Facebook, Inc. v. Duguid et al., No. 19-511 (Apr. 1, 2021). At issue in Facebook, was the question of what technology constitutes an “automatic telephone dialing system” within the meaning of the Telephone Consumer Protection Act, 47 U.S.C. §227 et seq. The Supreme Court’s unanimous decision is a huge win for companies who communicate with their consumers by telephone/text message. …
Continue Reading Supreme Court Adopts Narrow Interpretation of ATDS