On November 25, 2022, Ireland’s Data Protection Commission released a decision fining Meta Platforms, Inc. €265 million for a 2019 data leak involving the personal information of approximately 533 million Facebook users worldwide.
Continue Reading Irish Data Protection Commission Fines Meta €265 Million for Privacy Violations

On November 21, 2022, Meta Platforms, Inc. announced updated practices designed to protect the privacy of young people on Facebook and Instagram, including default privacy settings for new accounts, measures to limit unwanted interactions with adult users, and a tool to limit the spread of teens’ intimate images online.
Continue Reading Meta Announces New Privacy Measures to Protect Teen Users’ Privacy

On October 26, 2022, House Energy and Commerce Committee and Consumer Protection and Commerce Subcommittee leaders sent letters to several toy manufacturers, including Bandai Namco, Hasbro, Mattel, MGA Entertainment, LEGO Group and the Toy Association, asking how they plan to protect children and their information from BigTech companies like TikTok and YouTube.
Continue Reading House Energy and Commerce Leaders Demand Information from Various Toy Manufacturers

On September 26, 2022, the UK Information Commissioner’s Office confirmed in a statement that it issued TikTok Inc. and TikTok Information Technology UK Limited a notice of intent to potentially impose a £27 million fine for failing to protect children’s privacy.
Continue Reading UK ICO Issues TikTok Notice of Intent with Possible £27 Million Fine for Children’s Privacy Violations

On September 15, 2022, California Governor Gavin Newsom signed into law the California Age-Appropriate Design Code Act. The Act, which takes effect July 1, 2024, places new legal obligations on companies with respect to online products and services that are likely to be accessed by children under the age of 18.
Continue Reading California Enacts the California Age-Appropriate Design Code Act

On September 5, 2022, the Irish Data Protection Commissioner imposed a €405,000,000 fine on Instagram for violations of the EU General Data Protection Regulation’s rules on the processing of children’s personal data.
Continue Reading Irish Data Protection Commissioner Fines Instagram for Children’s Privacy Violations

New York recently became the first state to require attorneys to complete at least one credit of cybersecurity, privacy and data protection training as part of their continuing legal education requirements. The new requirement will take effect July 1, 2023.
Continue Reading New York Becomes First State to Require CLE in Cybersecurity, Privacy and Data Protection

On July 6, 2022, the Better Business Bureau National Programs’ Children’s Advertising Review Unit (“CARU”) announced that it had found Outright Games in violation of the Children’s Online Privacy Protection Act (“COPPA”) and CARU’s Self-Regulatory Guidelines for Advertising and Guidelines for Children’s Online Privacy Protection. Outright Games owns and operates the Bratz Total Fashion Makeover app, which CARU determined to be a “mixed audience” child-directed app subject to COPPA and CARU’s Guidelines due to the app’s subject matter, bright colors, visual content, lively audio and gameplay features.

Continue Reading Children’s Advertising Review Unit Finds Outright Games in Violation of COPPA and CARU’s Advertising and Privacy Guidelines