General Motors (GM) has agreed to pay $12.75 million to settle allegations that it violated California’s Consumer Privacy Act (CCPA) by selling drivers’ location and other data, California Attorney General Rob Bonta announced. GM allegedly collected the data through consumers’ use of OnStar, a program installed in GM cars, which can provide directions or summon […]
Data Privacy
Posted inData Privacy
Companies should brace for scrutiny, fines after EDPB’s latest GDPR investigation
The European Data Protection Board has made checking organizations’ compliance with the GDPR’s transparency requirements a key area of focus for the coming year under its Coordinated Enforcement Framework.
Posted inRegulatory Policy
Virginia bans sale of personal location data
Businesses operating in Virginia are barred from selling consumers’ precise location data, under legislation signed into law Tuesday by Gov. Abigail Spanberger.
Posted inData Privacy
Navigating APAC data privacy laws: A compliance roadmap
Fragmented regulations across the APAC region are forcing compliance teams to rethink strategies that worked under GDPR.
Posted inData Privacy
Disney pays $2.75M to California for alleged privacy violations
Disney has agreed to pay $2.75 million to settle allegations by California that its streaming service sold the personal information of subscribers without their permission.
Posted inData Privacy
FTC warns brokers to stop selling U.S. military member data to foreign adversaries
Thirteen data brokers have been warned by the Federal Trade Commission to come into compliance with a 2024 law prohibiting the selling of the personal data of U.S. residents to foreign adversaries.
Posted inData Privacy
FTC puts GM’s puts connected vehicle data practices under compliance spotlight
The U.S. Federal Trade Commission finalized its order against General Motors and its OnStar subsidiary over the improper usage of geolocation and driving behavior data of drivers.
Posted inData Privacy
Safely leveraging generative AI: A practical guide for compliance leaders
Generative AI (GenAI) has moved rapidly from experimentation into day-to-day use across many organizations. Over the past year, teams have shifted from exploratory pilots to relying on these tools for core activities such as contract analysis, research, and software development.
Posted inEurope
EU moves to simplify GDPR and AI Act obligations, raising compliance questions for companies
For the past decade, Europe has led in creating strong but flexible rules for data use and safe AI development. The EU’s new plans to simplify key data privacy and AI governance measures have received a mixed response.
Posted inData Privacy
U.K. data regulator pushes transparency on investigations while businesses seek clarity on compliance
Plans to increase transparency around how the U.K.’s Information Commissioner investigates and fines companies should give businesses more clarity, but experts say the regulator still needs to explain how it will prioritize cases.
