Penalty

Subscribe to Penalty

On December 15, 2021, the Federal Trade Commission announced a $2 million settlement with OpenX Technologies in connection with alleged violations of the COPPA Rule and the FTC Act. The FTC alleged that OpenX knowingly collected personal information from children under 13 without parental consent and collected geolocation data from users who opted out of being tracked.
Continue Reading FTC Announces $2 Million Settlement with Ad Exchange Over Alleged COPPA Violations

The Irish Data Protection Commissioner has submitted a draft decision on Facebook Ireland Limited’s data protection compliance to other European regulators under the cooperation mechanism of the EU General Data Protection Regulation. The DPC proposed a fine for infringements of the transparency obligations under the GDPR, specifically with respect to the legal basis upon which Facebook relied.
Continue Reading Irish DPC Draft Decision Permits Facebook to Rely on Contractual Necessity for Behavioral Advertising

On September 14, 2021, the Federal Trade Commission authorized new compulsory process resolutions in the eight key enforcement areas: (1) Acts or Practices Affecting United States Armed Forces Members and Veterans; (2) Acts of Practices Affecting Children; (3) Bias in Algorithms and Biometrics; (4) Deceptive and Manipulative Conduct on the Internet; (5) Repair Restrictions; (6) Abuse of Intellectual Property; (7) Common Directors and Officers and Common Ownership and (8) Monopolization Offenses.
Continue Reading FTC Authorizes New Compulsory Process Resolutions in Eight Key Enforcement Areas

On September 15, 2021, the Federal Trade Commission issued a Policy Statement to clarify the scope of the FTC’s Health Breach Notification Rule as it relates to health apps and connected devices.
Continue Reading FTC Issues Guidance Clarifying Scope of Its Health Breach Notification Rule for Health Apps and Connected Devices

On September 1, 2021, the FTC banned the operator of a stalkerware app company and its CEO from offering, promoting, selling or advertising any surveillance app, service or business, alleging that the app allowed purchasers to illegally surveil other individuals by monitoring their device activity without their knowledge.
Continue Reading FTC Bans Stalkerware App Company from the Surveillance Business and Orders Company to Delete Any Illegally Collected Information

On September 2, 2021, Ireland’s Data Protection Commission announced a fine of €225 million ($266 million) against WhatsApp Ireland Ltd for failure to meet the transparency requirements of Articles 12-14 of the EU General Data Protection Regulation.
Continue Reading Irish Commissioner Fines WhatsApp €225 Million For GDPR Violations

On August 30, 2021, the U.S. Securities and Exchange Commission announced it had settled three administrative cases involving a total of eight registered broker-dealers and investment advisers for failures in their cybersecurity policies and procedures.
Continue Reading SEC Charges Investment Advisers and Broker-Dealers with Deficient Cybersecurity Procedures

The U.S. Securities and Exchange Commission recently announced that Pearson plc agreed to pay a $1 million civil penalty in a settlement related to charges that Pearson misled investors about a 2018 data breach resulting in the theft of millions of student records, including birth dates and email addresses.
Continue Reading SEC Sanctions Public Company for Misleading Disclosures About Data Breach

On August 9, 2021, the UK First-Tier Tribunal (General Regulatory Chamber) (“FTT”) reduced a fine imposed by the UK Information Commissioner’s Office (“ICO”) against Doorstep Dispensaree Ltd (“DDL”) from £275,000 to £92,000, a reduction of approximately two thirds. DDL, which supplies medicines to customers and care homes, was fined in December 2019 for failure to comply with the EU General Data Protection Regulation (“GDPR”). The ICO also issued an Enforcement Notice, requiring DDL to take certain actions to bring its processing into compliance.

Continue Reading UK First-Tier Tribunal Cuts ICO’s Doorstep Dispensaree Fine by Two Thirds