On July 29, 2019, the Court of Justice of the European Union released its judgment in case C-40/17, Fashion ID GmbH & Co. KG vs. Verbraucherzentrale NRW eV, ruling that Fashion ID should be considered a joint controller with Facebook regarding the collection and disclosure of personal data to Facebook as a result of embedding the Facebook ‘Like’ button on its website.
Continue Reading
Social Media
Ninth Circuit Rejects Facial Recognition Claim Against Facebook
Posted on
Posted in Information Security
On June 14, 2019, the United States Court of Appeals for the Ninth Circuit affirmed summary judgment in favor of Facebook, holding that the company did not violate the Illinois Biometric Information Privacy Act. This blog entry provides an overview of the case.…
Continue Reading
CNIL Publishes Action Plan Regarding Online Targeted Advertising
Posted on
On June 28, 2019, the French data protection authority published its action plan for 2019-2020 to specify the rules applicable to online targeted advertising and to support businesses in their compliance efforts.…
Continue Reading
UK Seeks to Establish Internet Watchdog
Posted on
In April 2019, the UK Department for Digital, Culture, Media and Sport announced in its Online Harms White Paper proposals for a new regulatory framework to make companies more responsible for users’ online safety.…
Continue Reading
EDPB Releases Two-Year Work Program
Posted on
Posted in European Union, International
On February 12, 2019, the European Data Protection Board released its work program for 2019 and 2020. This blog entry provides highlights on the work program’s topic areas. …
Continue Reading
Vietnam Approves New Cybersecurity Law
Posted on
On June 12, 2018, Vietnam’s parliament approved a new cybersecurity law that contains data localization requirements, among other obligations.…
Continue Reading
Facebook Publishes Privacy Principles and Announces Introduction of Privacy Center
Posted on
Posted in Information Security, Online Privacy
On January 28, 2018, Facebook published its privacy principles and announced that it will centralize its privacy settings in a single place.…
Continue Reading
Advocate General Rejects Facebook’s Claim of Sole Irish Jurisdiction in EU
Posted on
On October 24, 2017, an opinion issued by the EU’s Advocate General Bot rejected Facebook’s assertion that its EU data processing activities fall solely under the jurisdiction of the Irish Data Protection Commissioner. The opinion relates to the CJEU case C-210/16, under which the German courts sought to clarify whether the DPA in the German state of Schleswig-Holstein could take action against Facebook regarding its use of web tracking technologies on a German education provider’s fan page without first providing notice. …
Continue Reading
Washington Becomes Third State to Enact Biometric Privacy Law
Posted on
Posted in Information Security, U.S. State Law
On May 16, 2017, the Governor of the State of Washington, Jay Inslee, signed into law House Bill 1493, which sets forth requirements for businesses who collect and use biometric identifiers for commercial purposes. The law will become effective on July 23, 2017. Washington becomes the third state to pass legislation regulating the commercial use of biometric identifiers.…
Continue Reading
Texas AG Settles Suit with Messaging App Over Children’s Data Practices
Posted on
On October 3, 2016, the Texas Attorney General announced a $30,000 settlement with mobile app developer Juxta Labs stemming from allegations that the company engaged in deceptive practices regarding its collection of personal information from children.…
Continue Reading