Several Illinois BIPA lawsuits filed at the end of 2022
Between Dec. 22-30, 2022, numerous employment-related Illinois Biometric Information Privacy Act class-action lawsuits were filed in Cook County Circuit Court, the Cook County Record reports.
Discover the latest industry insights and developments with our News from Around the Web page. We curate feeds from a variety of reputable organizations, bringing you a comprehensive overview of relevant news and trends. Stay informed and connected with the most current updates from across the web.
NOYB publishes Irish DPC's decisions on Meta's legal basis for personalized ads
EU-based advocacy group NOYB published the Irish Data Protection Commission's final decisions invalidating Meta's contract basis for seeking user permission to collect data for personalized advertising on Facebook and Instagram. NOYB said the decisions — which followed complaints the group made in May 2018 on the day the EU General Data Protection Regulation took effect — "clearly shows massive disagreement" between the DPC and the European Data Protection Board.
FTC finalizes Drizly enforcement action
The U.S. Federal Trade Commission finalized enforcement action against online alcohol marketplace Drizly and CEO James Cory Rellas related to its 2020 data breach. The agency voted 4-0 on finalization after no further comments were submitted. The order calls on Drizly to destroy unnecessary data and implement data minimization and information security programs, while holding Rellas to individual requirements.
A pitch for harmonizing BCRs in the EU, UK
Hogan Lovells published a memorandum on a potential shared EU-U.K. framework for binding corporate rules to facilitate cross-border data transfers. The note, sent to relevant data protection authorities in the EU and the U.K., reflects stakeholder opinions presented at a joint workshop December 2022. The memorandum proposes implementation of "a system of mutual recognition of authorisations with minimal or reduced scrutiny, which would be complemented by a regulatory cooperation" between EU DPAs and the U.K.
OIG report finds US Department of Interior allows easily guessable passwords
The Office of the Inspector General for the U.S. Department of the Interior issued a report criticizing the department's cybersecurity practices, TechCrunch reports.
European Commission leaders warn TikTok to respect EU law
In a meeting with TikTok CEO Shou Zi Chew, European Commission officials focused on compliance with EU regulations and topics including efforts to protect children on the platform, Politico reports.
Report: Roomba beta testers claim iRobot misled them about personal data usage
Approximately a dozen beta testers of iRobot’s Roomba vacuum claim the company "misled" them about the use of their personal data, according to an MIT Technology Review investigation. Testers believe they did not consent to iRobot sharing "test users’ data in a sprawling, global data supply chain, where everything ... captured by the devices’ front-facing cameras could be seen," including facial images.
Facebook, Instagram to restrict advertisers access to teen user data
Meta said its Facebook and Instagram platforms will tighten restrictions on data available to advertisers to target teens, the Guardian reports. Starting in February, advertisers will no longer be able to access a user's gender or posts they have engaged with for targeted advertising. Instead, only a user's age and location will be available.
Op-ed: Consumer data privacy framework for health data required to protect women seeking abortions
In light of the Dobbs decision by the U.S. Supreme Court overturning Roe v. Wade, non-Health Insurance Portability and Accountability Act-covered entities, such as reproductive health applications, must be required to better protect user data, Center for Democracy and Technology legal intern Siddhu Anandalingam writes.