Tag Archives: privacy

New York attorney general continues to pursue cybersecurity compliance with latest lawsuit

New York Attorney General (AG) Letitia James has sued Dunkin’ Brands, Inc. (franchisor of Dunkin’ Donuts) over two data breaches in 2015 and 2018, accusing the company of mishandling a series of cyberattacks that together compromised more than 320,000 customer accounts. In the complaint filed last week, AG James accused Dunkin’ of engaging in fraudulent practices and … Continue Reading

Litigation in the Forecast for Weather Channel App

On January 3, the city of Los Angeles accused TWC Product and Technology, LLC (“TWC”) (an International Business Machines Corporation subsidiary) of violating millions of American consumers’ privacy. In the civil lawsuit, Los Angeles City Attorney Michael Feuer alleged TWC misled users of its Weather Channel app to turn on precise location tracking by suggesting, … Continue Reading

Ready Tech Settles Privacy Shield Case with FTC

Late last year, the Federal Trade Commission (“FTC”) settled another enforcement action over false claims under the EU-U.S. Privacy Shield framework (the “Privacy Shield”). The FTC alleges that Ready Tech Corporation, a provider of online and instructor led training (“Ready-Tech”), falsely claimed in its privacy policy on its website that it was in the process … Continue Reading

New Year, New Vermont Law for Data Brokers

Effective January 1, 2019, a new Vermont law imposes data security and annual disclosure obligations on data brokerage companies (e.g., Acxiom, Experian, Epsilon). The law requires data brokers to register annually with the Vermont Attorney General and pay an annual registration fee. Data brokers must disclose annually to the State Attorney General, among other things, information … Continue Reading

COPPA Revisited: The Do Not Track Kids Act of 2018 Provides a Glimpse into What Lawmakers Could Do to Ground Services with Large Teen Customer Bases

In enacting the Children’s Online Privacy Protection Act, Congress determined that the safeguards built into the statute should apply only to children under 13. It sought to focus the restrictions on collection and use of personal information on younger children who are particularly vulnerable to marketing tactics because of their unfamiliarity with advertising and the … Continue Reading

ANA Urges Marketers to Help Fight California Data Privacy Measure

The Association of National Advertisers (ANA) is working with the California Chamber of Commerce and a broad range of companies and industry groups to oppose a California ballot initiative that would drastically change how consumer information is collected and shared. The California Consumer Privacy Act of 2018 would apply to almost every company that conducts … Continue Reading

Illinois Biometric Lawsuit Against Facebook Moves Through Court System

A 2015 lawsuit brought by Facebook users over the company’s alleged unauthorized collection of their facial features and other facial biometric data pursuant to the Illinois Biometric Information Privacy Act (“BIPA”) is slowly moving through the courts. The BIPA requires written notice and consent for the collection of biometric identifiers or biometric information of Illinois … Continue Reading

Keeping Your Biometrics Private

Suparossa Restaurant Group LLP, a Chicago-based restaurant company, has been served with a class action complaint alleging that the company has violated the Illinois Biometric Information Privacy Act (“BIPA”). The BIPA is an informed consent statute that establishes standards for employers that collect and store the biometric information of Illinois citizens. The act makes it … Continue Reading

NIST Updates Its Security and Privacy Guidance

Earlier this month, the National Institute of Standards and Technology (“NIST”) issued its fifth and latest draft of its “Security and Privacy Controls for Information Systems and Organizations” guidance document. The NIST guidance document expands on previous drafts that focused on privacy and security improvements for the federal government and now provides security and privacy … Continue Reading

Customers Sue Darden Restaurants Over Information on Receipts

A class action lawsuit was recently filed against Darden Restaurants, Inc. (“Darden”), alleging that Darden violated the Fair and Accurate Credit Transactions Act (“FACTA”). Specifically, the plaintiffs alleged that Darden, which includes Olive Garden among its restaurant chains, violated FACTA by printing the full expiration date on credit card receipts, allowing potential identity thieves to … Continue Reading

Proposed Class Action Targets Advertising to Drivers Using DMV Info

A class action filed this month alleges that car warranty company NRRM LLC used information obtained from Department of Motor Vehicles (“DMV”) records to market to consumers in violation of the Driver’s Privacy Protection Act (“DPPA”). The complaint alleges that NRRM’s third-party data suppliers provide it with personal information about drivers and their cars that … Continue Reading

Upromise Penalized for Violating FTC Privacy Order Over Rewards Program

Upromise found itself in front of the Federal Trade Commission answering very tough questions earlier this month. The inquiry was related to a 2012 order requiring that Upromise include disclosures about data collection practices and conduct third-party assessments about Upromise’s data security safeguards. The FTC alleged that Upromise failed to comply with the terms of … Continue Reading

Cause of Action Joins Defense of Electronics Maker in FTC Privacy Suit

The advocacy group Cause of Action has stepped in to help defend electronics maker D-Link in a suit brought by the Federal Trade Commission over the company’s purportedly insufficient protection of customers’ privacy. The FTC is targeting D-Link for making representations that its products, including wireless routers and Internet protocol cameras, feature strong security, even … Continue Reading

New Privacy Rules for Internet Service Providers

On October 27, 2016, the FCC adopted a new set of privacy and data security regulations applicable to “broadband service providers and other telecommunications carriers.” The rules place new restrictions on internet service providers’ (“ISPs”) ability to use and share their customers’ data. The Commission established two data classifications: (1) sensitive information, and (2) non-sensitive … Continue Reading

Google Makes Ad-Tracking Change in its Privacy Policy

In 2007, Google bought online ad network DoubleClick, which uses cookies to collect and store data about Google users from their browsing history, to best place clients’ ads. This past June, Google revised its privacy policy to state that users’ activities on other sites tracked by DoubleClick “may be associated with [their] personal information.”  This … Continue Reading

White House Announces New Privacy Officer

Last week, the Office of Management and Budget created a new dedicated position for privacy within the Office of Information and Regulatory Affairs (“OIRA”). The privacy position will streamline the United States Government’s privacy practices, including: Leading efforts to develop and implement consistent, comprehensive and forward-looking Federal privacy policies, strategies and practices across agencies; Collaborating … Continue Reading

NBA Team Sued By Fans Over Mobile Application

Earlier this week, a putative class action was brought against the NBA’s Golden State Warriors concerning the team’s mobile application. According to the complaint, the free app provides an interactive experience for fans by delivering scores, news and other information relevant to the Golden State Warriors. The plaintiffs allege that the app contains certain Bluetooth beacon software … Continue Reading

Privacy Watchdogs File Complaint With FTC over WhatsApp’s Privacy Policy Change

Yesterday, the Electronic Privacy Information Center (“EPIC”) and the Center for Digital Democracy (“CDD”) filed a complaint with the Federal Trade Commission against WhatsApp, Inc. According to the complaint, WhatsApp posted an entry on its company blog on August 25, 2016 announcing an update to its Terms of Service and Privacy Policy. The updated Privacy … Continue Reading

Oklahoma Joins the Rapidly Growing Number of States with Social Media Password Laws

On May 21, 2014, Oklahoma enacted H.B. 2372, following the trend outlined in our earlier article on the growing number of states prohibiting employers from requesting employee or applicant social media account passwords. H.B. 2372 prohibits employers from requesting or requiring the user name and password of employees' or applicants' personal social media accounts or demanding employees or applicants to access the accounts in front of the employer. The law also prohibits employers from firing, disciplining, or denying employment to employees or applicants who refuse to provide the requested information.… Continue Reading

Online Advertising Targeted by Federal Trade Commission

On May 15, 2014, Maneesha Mithal, Associate Director of the Division of Privacy and Identity Protection at the Federal Trade Commission ("FTC" or "Commission") testified, on behalf of the FTC, before the U.S. Senate Committee on Homeland Security and Governmental Affairs addressing the Commission's work regarding three consumer protection issues affecting online advertising: (1) privacy, (2) malware and (3) data security. Below is a summary of the Commission's testimony regarding these three key areas and the Commission's advice for additional steps to protect consumers.… Continue Reading

Privacy Issues Continue to Be Focus of State AGs

States continue to focus their investigation and enforcement efforts on privacy issues, with no sign that the focus will shift anytime soon. The most recent example is a $17 million settlement between 37 states (and D.C.) and Google related to Google’s use of tracking cookies on Safari browsers. For more information about this case and … Continue Reading

The Future Of Advertising – You Won’t Believe Your Eyes

Sci-fi fans will be familiar with the interactive ads featured in the world of the film Minority Report, starring Tom Cruise, where upon entering a shopping mall, shoppers’ eyes were scanned to allow the shops to specifically target ads based on a particular shopper’s previous habits, e.g. "Good afternoon, Mr. Yakamoto. How did you like … Continue Reading
LexBlog