On June 3, 2021, Google informed app developers that beginning in late 2021, when Android 12 OS users opt out of personalized ads, the advertising ID provided by Google Play services will not be made available to app developers for any purpose.
Continue Reading Google to Prevent App Developers from Using Advertising ID for Any Purpose Following User Opt-Out

Google has announced that beginning in the second quarter of 2022, developers submitting new apps and app updates to the Google Play store will be required to disclose certain information regarding their apps’ data collection, use, sharing and security practices, as well as provide a privacy policy for their apps.
Continue Reading Google Play to Require Android App Data Privacy and Security Disclosures

On December 10, 2020, the French Data Protection Authority announced that it has levied fines on Google LLC, Google Ireland Limited and Amazon Europe Core for alleged violations of the French cookie rules. This post examines the French cookie rules, CNIL’s territorial jurisdiction, the investigations and the sanctions levied against each company.
Continue Reading CNIL Fines Google and Amazon 135 Million Euros for Alleged Cookie Violations

On November 27, 2020, New Mexico Attorney General Hector Balderas filed a notice of appeal to the U.S. Court of Appeals for the Tenth Circuit in the lawsuit it brought against Google on February 20, 2020, regarding alleged violations of the federal Children’s Online Privacy Protection Act in connection with G-Suite for Education.
Continue Reading New Mexico AG Files Notice of Appeal in Suit Against Google Regarding Alleged Violations of COPPA

On July 14, 2020, the Litigation Chamber of the Belgian Data Protection Authority (the “Belgian DPA”) imposed a €600,000 fine on Google Belgium SA (“Google”) for non-compliance with the right to be forgotten.

Continue Reading Belgian DPA Issues its Largest Fine to Date for Non-Compliance with the Right to Be Forgotten

On October 2, 2019, the UK Court of Appeal handed down its judgment on the appeal in Richard Lloyd v. Google LLC, in which Richard Lloyd, a consumer protection advocate, seeks to bring a representative action on behalf of four million Apple iPhone users against Google LLC in the United States. Previously, the High Court had refused to grant permission for the proceedings to be served outside the UK. The Court of Appeal reversed the High Court’s judgment, granting permission for service outside the UK and allowing the representative action to proceed. The judgment is significant as it paves the way for representative actions (equivalent to class actions) for data protection infringements in the UK.

Continue Reading UK Court of Appeal Permits Activist to Proceed with Claim for Damages Against Google

On September 24, 2019, the Court of Justice of the European Union released its judgments in cases C-507/17, Google v. CNIL and C-136/17, G.C. and Others v. CNIL regarding (1) the territorial scope of the right to be forgotten, and (2) the conditions in which individuals may exercise the right to be forgotten in relation to links to web pages containing sensitive data.
Continue Reading CJEU Rules “Right to be Forgotten” on Google Limited to the EU in Landmark Case