On January 21, 2019, the CNIL imposed a fine of €50 million on Google LLC under the GDPR, its first fine under the GDPR and the highest fine imposed by a supervisory authority within the EU under the GDPR to date.
Continue Reading
Mobile Device
CNIL Details Rules on Audience and Traffic Measuring in Publicly Accessible Areas
Posted on
On October 17, 2018, the French data protection authority published a press release, detailing the rules applicable to devices that collect personal data from users’ mobile phones (media access control address) for the purposes of measuring the advertising audience and traffic in shopping malls and other public areas.…
Continue Reading
CNIL Serves Formal Notice to Marketing Companies to Obtain User’s Consent for Processing Geolocation Data for Ad Targeting
Posted on
On July 19, 2018, the French Data Protection Authority announced that it served a formal notice to two advertising startups headquartered in France, FIDZUP and TEEMO. Both companies collect personal data from mobile phones via software development kit tools integrated into the code of their partners’ mobile apps—even when the apps are not in use—and process the data to conduct marketing campaigns on mobile phones. …
Continue Reading
Supreme Court Holds Warrant Required to Obtain Historical Cell Phone Location Information
Posted on
Posted in Information Security, U.S. Federal Law
On June 22, 2018, the United States Supreme Court held in Carpenter v. United States that law enforcement agencies must obtain a warrant supported by probable cause to obtain historical cell-site location information from third-party providers.…
Continue Reading
Chicago Introduces Data Protection Ordinance
Posted on
Posted in Information Security, Online Privacy
Recently, the Personal Data Collection and Protection Ordinance was introduced to the Chicago City Council. The Ordinance would place requirements on businesses related to personal information, data breach notification and consent. …
Continue Reading
FTC Issues Warning Letters for Potential COPPA Violations
Posted on
On April 27, 2018, the FTC issued two warning letters to foreign marketers of geolocation tracking devices for violations of the U.S. Children’s Online Privacy Protection Act.…
Continue Reading
Mobile Phone Maker BLU Settles FTC Privacy and Data Security Claims
Posted on
Posted in Enforcement, Information Security
On April 30, 2018, the Federal Trade Commission announced that BLU Products, Inc. agreed to settle charges that the company allowed a third-party service provider to collect consumers’ personal information without their knowledge or consent, notwithstanding the company’s promises that it would keep the relevant information secure and private. …
Continue Reading
FTC Recommends Steps to Improve Mobile Device Security Update Practices
Posted on
Posted in Information Security
On February 28, 2018, the Federal Trade Commission issued a report, titled Mobile Security Updates: Understanding the Issues, that analyzes the process by which mobile devices sold in the U.S. receive security updates and provides recommendations for improvement.…
Continue Reading
Ninth Circuit Decision Bolsters FTC Authority Over Internet Service Providers
Posted on
On February 26, 2018, the United States Court of Appeals for the Ninth Circuit ruled in an en banc decision that the “common carrier” exception in the Federal Trade Commission Act is “activity-based,” and therefore applies only to the extent a common carrier is engaging in common carrier services.…
Continue Reading
FTC Issues Tips on VPN Apps
Posted on
Posted in Cybersecurity, Information Security
On February 22, 2018, the Federal Trade Commission published a blog post that provides tips on how consumers can use Virtual Private Network apps to protect their information while in transit over public networks.…
Continue Reading