New York Attorney General (AG) Letitia James has sued Dunkin’ Brands, Inc. (franchisor of Dunkin’ Donuts) over two data breaches in 2015 and 2018, accusing the company of mishandling a series of cyberattacks that together compromised more than 320,000 customer accounts. In the complaint filed last week, AG James accused Dunkin’ of engaging in fraudulent practices and … Continue Reading
Effective January 1, 2019, a new Vermont law imposes data security and annual disclosure obligations on data brokerage companies (e.g., Acxiom, Experian, Epsilon). The law requires data brokers to register annually with the Vermont Attorney General and pay an annual registration fee. Data brokers must disclose annually to the State Attorney General, among other things, information … Continue Reading
At the ANA’s March ANA Advertising Law & Public Policy Conference, a panel discussed how advertisers need to be on top of who has, or is, collecting advertiser data, what are they doing with it, how to access to it, and whether (or how) to use those data assets in data-driven transactions. As a follow up … Continue Reading
A class action lawsuit was filed in California yesterday against Hey, Inc. and Twitter regarding Hey’s online trading game in which players collect profiles of (and use virtual currency to invest in) real-life people as if they were baseball cards. App users may purchase virtual currency to buy and trade these profiles. According to the … Continue Reading
The UK data protection watchdog, the Information Commissioner’s Office (ICO), has published its long-awaited guidance on the factors it will take into account when considering whether to initiate enforcement action for data protection breaches and what form any such action should take. Its Data Protection Regulatory Action Policy, comes in the wake of yet another serious data breach by a … Continue Reading
The UK Information Commissioner’s Office (ICO) has received 169 complaints thus far about websites failing to comply with the cookie law that came into force on May 26. Operators of UK websites were given until that date to ensure that user consent for cookies is obtained prior to access to the website being granted, although … Continue Reading
The European Commission has proposed a review of the 1995 Data Protection Directive in a bid to keep up with fast paced technological development in the digital world. The Commission hopes new rules will strengthen online privacy, cut down burdensome administrative costs and reinforce consumer trust online. The Commission’s proposals will be passed to European … Continue Reading
At last, common sense has triumphed with the Information Commissioner’s Office (ICO) issuing a press release confirming that the Data Protection Act 1998 does not prevent family and friends from taking photographs at school concerts or plays this Christmas, but that doesn’t mean little Johnny can appear in the next sweetie ad! The ICO emphasised … Continue Reading
Governments across the world are increasingly under pressure from privacy advocates and some consumers to better regulate the use of personal data on line. Under Ed Vaizey’s proposed plan announced last week, Google and Facebook and other social media networks and search engines would be required to sign up to a new code under which consumers would … Continue Reading