On August 30, 2018, Apple announced a June update to its App Store Review Guidelines that will require each developer to provide its privacy policy as part of the app review process and include in such policy specific content requirements. Effective October 3, 2018, all new apps and app updates must include a link to the developer’s privacy policy before they can be submitted for distribution to users through the App Store or through TestFlight external testing.
Continue Reading

On July 19, 2018, the French Data Protection Authority announced that it served a formal notice to two advertising startups headquartered in France, FIDZUP and TEEMO. Both companies collect personal data from mobile phones via software development kit tools integrated into the code of their partners’ mobile apps—even when the apps are not in use—and process the data to conduct marketing campaigns on mobile phones.
Continue Reading

Recently, Iowa and Nebraska enacted information security laws applicable to personal information. Iowa’s law applies to operators of online services directed at and used by students in kindergarten through grade 12, whereas Nebraska’s law applies to all businesses doing business in Nebraska who own or license Nebraska residents’ personal information.
Continue Reading

On February 27, 2018, the FTC announced an agreement with PayPal, Inc., to settle charges that its Venmo peer-to-peer payment service misled consumers regarding privacy and the extent to which consumers’ financial accounts were secured. This signals a renewed focus by the FTC on violations of the Gramm-Leach-Bliley Act’s Privacy and Safeguards Rules.
Continue Reading