The Federal Trade Commission has reached a settlement with WW International, Inc. and Kurbo, Inc. over allegations the companies improperly registered children for the “Kurbo by WW” online weight loss management program. In pleadings filed on February 16, 2022, in federal court in the Northern District of California, the FTC claims WW and Kurbo offered

On February 2, 2022, the Litigation Chamber of the Belgian Data Protection Authority imposed a 250,000 Euro fine against the Interactive Advertising Bureau Europe for several alleged infringements of the GDPR, following an investigation into IAB Europe’s Transparency and Consent Framework.
Continue Reading Belgian DPA Finds IAB Europe Transparency and Consent Framework in Violation of the GDPR

The Austrian data protection authority recently published a decision finding that the use of Google Analytics cookies violates both Chapter V of the GDPR, which establishes the rules on international data transfers, and the Schrems II judgment of the Court of Justice of the European Union.
Continue Reading Austrian DPA Finds Data Transfers Resulting from Analytics Cookie Use to Be in Violation of GDPR Data Transfer Requirements

Earlier this month, the Federal Trade Commission reached a $1.5 million settlement with loan application company ITMedia Solutions LLC over alleged violations of the FTC Act and Fair Credit Reporting Act. The FTC alleged that ITMedia deceptively acquired and indiscriminately shared consumers’ sensitive personal information under the guise of connecting them with lenders.
Continue Reading FTC Settles with Loan Application Company Over Alleged Misuse of Sensitive Personal Information

Earlier this month, the New Jersey Acting Attorney General Andrew Bruck announced that its Division of Consumer Affairs had reached a $425,000 settlement with three New Jersey-based providers of cancer care over alleged failures to adequately safeguard patient data.
Continue Reading NJ Acting Attorney General Announces $425,000 Fine to Settle Breach Investigation

On December 15, 2021, the Federal Trade Commission announced a $2 million settlement with OpenX Technologies in connection with alleged violations of the COPPA Rule and the FTC Act. The FTC alleged that OpenX knowingly collected personal information from children under 13 without parental consent and collected geolocation data from users who opted out of being tracked.
Continue Reading FTC Announces $2 Million Settlement with Ad Exchange Over Alleged COPPA Violations

The Irish Data Protection Commissioner has submitted a draft decision on Facebook Ireland Limited’s data protection compliance to other European regulators under the cooperation mechanism of the EU General Data Protection Regulation. The DPC proposed a fine for infringements of the transparency obligations under the GDPR, specifically with respect to the legal basis upon which Facebook relied.
Continue Reading Irish DPC Draft Decision Permits Facebook to Rely on Contractual Necessity for Behavioral Advertising

On September 14, 2021, the Federal Trade Commission authorized new compulsory process resolutions in the eight key enforcement areas: (1) Acts or Practices Affecting United States Armed Forces Members and Veterans; (2) Acts of Practices Affecting Children; (3) Bias in Algorithms and Biometrics; (4) Deceptive and Manipulative Conduct on the Internet; (5) Repair Restrictions; (6) Abuse of Intellectual Property; (7) Common Directors and Officers and Common Ownership and (8) Monopolization Offenses.
Continue Reading FTC Authorizes New Compulsory Process Resolutions in Eight Key Enforcement Areas

On September 15, 2021, the Federal Trade Commission issued a Policy Statement to clarify the scope of the FTC’s Health Breach Notification Rule as it relates to health apps and connected devices.
Continue Reading FTC Issues Guidance Clarifying Scope of Its Health Breach Notification Rule for Health Apps and Connected Devices