On December 10, 2020, the French Data Protection Authority announced that it has levied fines on Google LLC, Google Ireland Limited and Amazon Europe Core for alleged violations of the French cookie rules. This post examines the French cookie rules, CNIL’s territorial jurisdiction, the investigations and the sanctions levied against each company.
Continue Reading CNIL Fines Google and Amazon 135 Million Euros for Alleged Cookie Violations

On November 27, 2020, New Mexico Attorney General Hector Balderas filed a notice of appeal to the U.S. Court of Appeals for the Tenth Circuit in the lawsuit it brought against Google on February 20, 2020, regarding alleged violations of the federal Children’s Online Privacy Protection Act in connection with G-Suite for Education.
Continue Reading New Mexico AG Files Notice of Appeal in Suit Against Google Regarding Alleged Violations of COPPA

On September 25, 2020, the District Court of New Mexico granted Google’s motion to dismiss a suit filed by New Mexico Attorney General Hector Balderas alleging, among other claims, that the company violated the federal Children’s Online Privacy Protection Act by using G Suite for Education to “spy on New Mexico students’ online activities for its own commercial purposes, without notice to parents and without attempting to obtain parental consent.”
Continue Reading New Mexico AG Suit Against Google Regarding Alleged Violations of COPPA Dismissed

On September 8, 2020, AB-1138, the Parent’s Accountability and Child Protection Act, was enrolled and presented to the California Governor for signature. If signed into law by the Governor, the bill would require a business that operates a social media website or application, beginning July 1, 2021, to obtain verifiable parental consent for California-based children the business “actually knows” is under 13 years of age.
Continue Reading California Legislature Passes Bill Requiring Social Media Companies to Obtain Parental Consent for California-based Children Under 13

On February 10, 2020, the Belgian Data Protection Authority published its Recommendation on data processing activities for direct marketing purposes. The Recommendation aims to clarify the complex rules relating to processing personal data for direct marketing purposes.
Continue Reading Belgian Data Protection Authority Releases Direct Marketing Recommendation