On October 21, 2021, the Consumer Financial Protection Bureau issued orders to Google, Apple, Facebook, Amazon, Square and PayPal requesting detailed information about their business practices in relation to payment systems they operate.
Continue Reading CFPB Orders Six Tech Companies to Provide Information on Payment Systems Data Practices
Irish DPC Draft Decision Permits Facebook to Rely on Contractual Necessity for Behavioral Advertising
Posted on
The Irish Data Protection Commissioner has submitted a draft decision on Facebook Ireland Limited’s data protection compliance to other European regulators under the cooperation mechanism of the EU General Data Protection Regulation. The DPC proposed a fine for infringements of the transparency obligations under the GDPR, specifically with respect to the legal basis upon which Facebook relied. …
Continue Reading Irish DPC Draft Decision Permits Facebook to Rely on Contractual Necessity for Behavioral Advertising
Court Approves Settlement with HelloFresh Over Alleged TCPA Violations
Posted on
Posted in Marketing, U.S. State Law
On October 15, 2021, the U.S. District Court for the District of Massachusetts entered a final order approving a $14 million class action settlement resolving claims against Hello Fresh for alleged violations of the Telephone Consumer Protection Act, 47 U.S.C. § 227, et seq. According to plaintiffs’ attorneys, this settlement is the largest TCPA class action settlement in Massachusetts state history.
Continue Reading Court Approves Settlement with HelloFresh Over Alleged TCPA Violations
CJEU Issues Ruling on Jurisdictional Aspects of the GDPR’s One-Stop-Shop
Posted on
Posted in European Union, International
On June 15, 2021, the Court of Justice of the European Union released its judgment in case C-645/19 of Facebook Ireland Limited, Facebook Inc., Facebook Belgium BVBA v. the Belgian Data Protection Authority. We provide highlights of the case in this blog entry.
Continue Reading CJEU Issues Ruling on Jurisdictional Aspects of the GDPR’s One-Stop-Shop
Irish High Court Permits DPC Inquiry into Facebook Transfers to Proceed
Posted on
Posted in European Union, Information Security
On May 14, 2021, the Irish High Court dismissed Facebook Ireland’s challenge to the Irish Data Protection Commissioner’s investigation into the company’s international transfers of personal data.
Continue Reading Irish High Court Permits DPC Inquiry into Facebook Transfers to Proceed
Supreme Court Adopts Narrow Interpretation of ATDS
Posted on
On April 1, 2021, the Supreme Court issued its long-awaited opinion in Facebook, Inc. v. Duguid et al., No. 19-511 (Apr. 1, 2021). At issue in Facebook, was the question of what technology constitutes an “automatic telephone dialing system” within the meaning of the Telephone Consumer Protection Act, 47 U.S.C. §227 et seq. The Supreme Court’s unanimous decision is a huge win for companies who communicate with their consumers by telephone/text message. …
Continue Reading Supreme Court Adopts Narrow Interpretation of ATDS
Advocate General Issues Opinion on GDPR’s One-Stop-Shop
Posted on
On January 13, 2021, Advocate General Michal Bobek of the Court of Justice of the European Union issued his Opinion in the Case C-645/19 of Facebook Ireland Limited, Facebook Inc., Facebook Belgium BVBA v. the Belgian Data Protection Authority.
Continue Reading Advocate General Issues Opinion on GDPR’s One-Stop-Shop
Schrems II Update: German SAs Require Additional Safeguards for U.S. Transfers and Max Schrems Set to Challenge Facebook Data Transfers Again
Posted on
Posted in European Union, International
On July 28, 2020, German supervisory authorities issued a statement reiterating the requirement for additional safeguards when organizations rely on Standard Contractual Clauses or Binding Corporate Rules for the transfer of personal data to third countries in the wake of the Court of Justice of the European Union’s invalidation of the Privacy Shield Framework.
Continue Reading Schrems II Update: German SAs Require Additional Safeguards for U.S. Transfers and Max Schrems Set to Challenge Facebook Data Transfers Again
Texas AG Investigates Facebook’s Use of Biometric Identifiers
Posted on
Posted in U.S. State Law
Texas Attorney General Ken Paxton is investigating Facebook for alleged violations of the Texas Business and Commercial Code, which contains provisions governing the collection, retention and disclosure of biometric data.
Continue Reading Texas AG Investigates Facebook’s Use of Biometric Identifiers
BREAKING: Unexpected Outcome of Schrems II Case: CJEU Invalidates EU-U.S. Privacy Shield Framework but Standard Contractual Clauses Remain Valid
Posted on
On July 16, 2020, the Court of Justice of the European Union issued its landmark judgment in the Schrems II case, concluding that the Standard Contractual Clauses issued by the European Commission for the transfer of personal data to data processors established outside of the EU are valid. Unexpectedly, the Court invalidated the EU-U.S. Privacy Shield framework.
Continue Reading BREAKING: Unexpected Outcome of Schrems II Case: CJEU Invalidates EU-U.S. Privacy Shield Framework but Standard Contractual Clauses Remain Valid