On February 1, 2024, the Federal Trade Commission announced a proposed settlement with Blackbaud Inc. in connection with alleged security failures that resulted in a breach of the company’s network and access to the personal data of millions of consumers.
Continue Reading FTC Proposes Settlement with Blackbaud in Connection with Alleged Security Failures

On January 18, 2024, the Federal Trade Commission announced a proposed order against geolocation data broker InMarket Media, barring the company from selling or licensing precise location data. According to the FTC’s charges, InMarket failed to obtain informed consent from users of applications developed by the company and its third-party partners.
Continue Reading FTC Bans Data Broker from Selling Precise Consumer Location Data

On January 9, 2024, in its first settlement with a data broker concerning the collection and sale of sensitive location information, the Federal Trade Commission announced a proposed order against data broker X-Mode Social, Inc., and its successor Outlogic, LLC for unfair and deceptive acts or practices in violation of Section 5 of the FTC Act.
Continue Reading FTC Issues Proposed Order Against Data Broker X-Mode for Processing of Sensitive Location Information

On December 12, 2023, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP released a white paper on Privacy-Enhancing and Privacy-Preserving Technologies: Understanding the Role of PETs and PPTs in the Digital Age.
Continue Reading CIPL Releases Paper on Privacy-Enhancing and Privacy-Preserving Technologies: Understanding the Role of PETs and PPTs in the Digital Age

On November 28, 2023, the New York Department of Financial Services announced that First American Title Insurance Company, the second-largest title insurance company in the United States, would pay a $1 million penalty for violations of the NYDFS Cybersecurity Regulation in connection with a 2019 data breach.
Continue Reading New York Department of Financial Services Reaches $1 Million Dollar Settlement With First American Title Insurance in Data Breach Investigation

On November 16, 2023, the Federal Trade Commission released a proposed order in connection with a complaint filed in August of 2020 against Global Tel*Link Corp. and its subsidiaries, Telmate and TouchPay, which offers communication and payment services for incarcerated individuals.
Continue Reading In an FTC First, Proposed Order Requires Global Tel*Link Corp. to Notify Users and Facilities of Future Breaches

Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking a civil penalty in connection with the company’s response to a data breach that occurred in February 2022.
Continue Reading Australian Privacy Regulator Sues in Data Breach Case

On October 30, 2023, U.S. President Biden issued an Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence. It marks the Biden Administration’s most comprehensive action on artificial intelligence policy, building upon the Administration’s Blueprint for an AI Bill of Rights (issued in October 2022) and its announcement (in July 2023) of securing voluntary commitments from 15 leading AI companies to manage AI risks.
Continue Reading Biden AI Order Enables Agencies to Address Key Risks

On October 27, 2023, the Federal Trade Commission announced that it has approved an amendment to the Safeguards Rule that would require non-banking institutions to report certain data breaches to the FTC.
Continue Reading FTC Amends Safeguards Rule to Require Certain Financial Institutions to Report Data Security Breaches