Data Privacy


Amazon Alexa

News Brief

FTC orders Amazon pay $30M for alleged Alexa, Ring privacy violations

2023-06-01T20:34:00+01:00By

Amazon is set to pay more than $30 million comprised of a civil penalty and consumer refunds to resolve two separate cases alleging privacy violations regarding its Alexa voice assistant service and Ring doorbell subsidiary.

GDPR gears

Premium

Five years of GDPR: Experts forecast changes to come for landmark privacy law

2023-06-01T14:41:00+01:00By

The fifth anniversary of the European Union’s General Data Protection Regulation coming into force has highlighted the many successes of the legislation but also exposed areas where the law is still untested and unclear.

Meta building

Premium

Record Meta fine brings wider GDPR ramifications for EU-U.S. data transfers

2023-05-26T16:21:00+01:00By

Meta’s latest punishment for breaching the European Union’s General Data Protection Regulation will have far-reaching ramifications for companies both in Europe and beyond.

GDPR_gavel

Premium

Five years in, GDPR still a lightning rod for criticism

2023-05-25T18:04:00+01:00By

The General Data Protection Regulation risks losing credibility if enforcement is not harmonized and privacy by design is not at the heart of tech innovation, said EU officials during a summit marking the fifth anniversary of the legislation.

Social media

News Brief

Surgeon general joins call to enhance children’s online privacy

2023-05-24T19:23:00+01:00By

The U.S. surgeon general issued a “call for urgent action” to policymakers about further limiting social media access for youth, along with enhancing online privacy protections for children.

onetrust thumbnail

Resource

e-Book: Navigating changing U.S. data privacy landscape

2023-05-24T04:39:00+01:00Provided by

Businesses are watching five U.S. states where new or amended consumer privacy laws are set to take effect this year. Learn best practices for confronting compliance with multiple state data privacy laws.

Facebook Ireland

News Brief

Meta fined record $1.3B in GDPR data transfer ruling

2023-05-22T16:43:00+01:00By

The Irish Data Protection Commission announced a record penalty of €1.2 billion (U.S. $1.3 billion) against Meta regarding its transfers of user data from the European Union to the United States in violation of the General Data Protection Regulation.

FacialRecognition

News Brief

FTC warns businesses to risk assess uses of biometric technologies

2023-05-19T17:02:00+01:00By

Businesses that make false or unsubstantiated claims regarding facial recognition and other biometric technologies could face enforcement from the Federal Trade Commission, the agency warned in a policy statement.

Austrian Post

Premium

Experts: Austrian Post GDPR ruling offers clarity on damages compensation

2023-05-12T13:51:00+01:00By

A decision by Europe’s Supreme Court regarding Austria’s main postal service might make it easier for the bloc’s citizens to bring legal claims for privacy breaches—with potentially unlimited scope for damages.

Clearview AI

News Brief

French DPA fines Clearview AI $5.7M for noncompliance with previous order

2023-05-11T20:37:00+01:00By

France’s data protection authority last month fined facial recognition company Clearview AI €5.2 million (then-U.S. $5.7 million) for failing to comply with an October order to cease and desist from further violations of the General Data Protection Regulation.

Croatia

News Brief

Croatian DPA levies largest GDPR fine

2023-05-09T13:28:00+01:00By

The Croatian data protection authority handed down its largest penalty under the General Data Protection Regulation to date: a fine of nearly €2.3 million (U.S. $2.5 million) against debt collector B2 Kapital.

Facebook

News Brief

Facebook faces data monetization limits in third FTC order

2023-05-04T20:37:00+01:00By

Facebook violated a 2020 data privacy order that mandated enhanced privacy controls for users, the Federal Trade Commission alleged, recommending stricter controls be imposed on the social media giant.

Meta building

Premium

Big Tech, ad industry bracing for Meta data transfer decision

2023-05-04T20:21:00+01:00By

Meta and other Big Tech firms will soon learn if they might be prevented from transferring the personal data of European citizens to the United States in the way they do now.

Indy_Web

News Brief

Indiana privacy bill signed into law; effective 2026

2023-05-03T19:52:00+01:00By

Indiana became the latest in a growing number of U.S. states with a comprehensive consumer data privacy law on the books.

ChatGPT

News Brief

​ChatGPT back in Italy after user privacy updates

2023-04-28T19:08:00+01:00By

ChatGPT restored access for Italian users after changes to its privacy controls were welcomed by the country’s data protection authority.

ChatGPT logo

Premium

Is ChatGPT the privacy problem? Or is GDPR?

2023-04-26T15:23:00+01:00By

Scrutiny into ChatGPT has reignited concerns the General Data Protection Regulation is either stifling innovations in technology or that the legislation is not flexible enough to keep pace with technological advances. Experts weigh in.

exterro300x200

Webcast

CPE Webcast: The art of data retention: Navigating the compliance trifecta

2023-04-25T14:00:00+01:00Provided by

In this webinar, we will share key insights from a recent data retention survey and explore the strategies and best practices that information governance and privacy professionals can employ to effectively manage data retention.

GDPR EU flag

Premium

‘Divergence is coming’: Experts cast doubt on EU adopting U.K. GDPR reforms

2023-04-24T14:05:00+01:00By

Despite suggestions the European Union could look to the United Kingdom when considering future changes to the General Data Protection Regulation, legal experts question the impact planned U.K. reforms to the privacy law will have on multinational businesses.

ChatGPT logo

News Brief

EDPB task force latest scrutinizing ChatGPT, AI accountability

2023-04-13T19:52:00+01:00By

The European Data Protection Board is the latest regulatory body assessing the applicability of ChatGPT amid skyrocketing data privacy concerns regarding the popular artificial intelligence platform.

chatgpt_web

Premium

How to avoid pitfalls of scaling business with generative AI

2023-04-11T19:10:00+01:00By

Generative AI has the potential to be as game-changing for business and society as the internet, social media, and mobile phones were. At the moment, however, the risks seem to outweigh the rewards.

California AG

Premium

As final CPRA rules trickle out, a reminder companies must ‘grow with the law’

2023-04-10T21:31:00+01:00By

If companies haven’t started the process of coming into compliance with the California’s sweeping new privacy law, they need to begin now.

Nicodemus_opinion

Opinion

Alleged fraudster cited privacy in duping JPMorgan into $175M merger

2023-04-05T19:23:00+01:00By

Charlie Javice and her startup Frank allegedly convinced the country’s largest bank to pay $175 million for what largely amounted to a list of fake college students. The apparent due diligence failures by JPMorgan Chase offer a cautionary tale to compliance professionals.

TikTok

News Brief

TikTok fined $15.9M for violations of U.K. GDPR

2023-04-04T20:12:00+01:00By

Social media platform TikTok was fined £12.7 million (U.S. $15.9 million) by the U.K. Information Commissioner’s Office for using the personal data of children without parental consent and other violations of data protection mandates.

chatgpt_web

News Brief

ChatGPT exits Italy after GDPR violation warning

2023-04-03T18:13:00+01:00By

The Italian data protection authority shut down ChatGPT in the country, alleging the AI chatbot violates European Union privacy laws and has no controls to stop it interacting inappropriately with young children.

Iowa State Capitol

News Brief

Iowa privacy bill signed into law; effective 2025

2023-03-29T13:55:00+01:00By

Iowa became the sixth U.S. state to pass comprehensive data protection legislation allowing residents control over how their personal information is accessed and shared.

exterro300x200

Webcast

CPE Webcast: Piecing together child privacy for organizations

2023-03-28T14:00:00+01:00Provided by

With the Federal Trade Commission cracking down on violations of the Children’s Online Privacy Protection Act, evidenced by its $275 million fine against Epic Games, it’s clear child privacy and parental consent are hot topics in the world of enterprises.

Data lock

Premium

Survey: Tech key to compliance in changing data privacy landscape

2023-03-27T12:00:00+01:00By

Respondents to a survey from Compliance Week and Exterro largely said they were confident their organizations are meeting regulatory requirements regarding data privacy despite evidence their data retention policies and procedures are outdated.

exterro thumbnail 2023

Resource

e-Book: Tech’s role in changing data privacy compliance landscape

2023-03-24T06:44:00+00:00Provided by

When it comes to keeping up with data privacy regulation, organizations would be wise to adopt a more comprehensive technology solution to drive efficiency and minimize human error.

TikTok

News Brief

TikTok CEO to boast data security efforts in Congress testimony

2023-03-22T16:55:00+00:00By

The fate of popular social media app TikTok in the United States could hinge on the testimony of CEO Shou Zi Chew before the House Committee on Energy and Commerce.

Binary

News Brief

CFPB eyeing data broker practices in planned rulemaking push

2023-03-16T17:06:00+00:00By

The Consumer Financial Protection Bureau is asking companies that “track and collect information on people’s personal lives” to provide information to the agency as it considers rulemaking under the Fair Credit Reporting Act.

London cityscape

News Brief

U.K. moves forward with GDPR reform bill

2023-03-09T15:32:00+00:00By

The U.K. government formally introduced a bill to reform the country’s data privacy laws in a manner projected to save British businesses “billions.”

Employee monitoring

News Brief

CFPB, NLRB to collaborate on monitoring employee surveillance

2023-03-08T22:40:00+00:00By

The Consumer Financial Protection Bureau and National Labor Relations Board pledged to share information regarding instances of improper employer use of surveillance tools and the sale of employees’ personal information.

Virgin Media

Premium

U.K. push for GDPR reprimand transparency draws mixed reviews

2023-03-08T13:00:00+00:00By

The U.K. Information Commissioner’s Office began publishing the details of cases where organizations breached the General Data Protection Regulation but were not fined. Legal experts share their take on the initiative.

ask cco 3x2 20235

Premium

Ask a CCO: What matters most in federal privacy law?

2023-03-03T14:00:00+00:00By Compliance Week

Four senior compliance practitioners provide their opinions on what a federal privacy law in the United States should strive to accomplish.

EU US privacy

Premium

Privacy Shield replacement on track, though hurdles remain

2023-03-03T14:00:00+00:00By

The agreement on a new framework for transatlantic data flows between the United States and European Union could be finalized this year. Whether it can stand legal scrutiny is the real question.

FTC building

News Brief

FTC proposes BetterHelp pay $7.8M for sharing health data

2023-03-02T21:17:00+00:00By

The Federal Trade Commission proposed requiring online counseling service BetterHelp to pay $7.8 million as part of a settlement addressing charges it shared clients’ personal health data with Facebook, Snapchat, and other third parties for advertising purposes.

Energy company

News Brief

Italian DPA fines Edison Energia $5.2M over GDPR lapses

2023-03-02T17:51:00+00:00By

The Italian data protection authority penalized electric utility company Edison Energia for multiple alleged violations of the General Data Protection Regulation regarding marketing communications and data processing transparency.

ask cco 3x2 20234

Premium

Ask a CCO: Most difficult element of data privacy compliance

2023-03-02T14:00:00+00:00By Compliance Week

Four senior compliance practitioners offer their take on the elements of data privacy compliance businesses can expect to be most difficult to confront.

ask cco 3x2 20233

Premium

Ask a CCO: Company investment in data privacy efforts

2023-03-01T14:00:00+00:00By Compliance Week

Four senior compliance practitioners discuss how their respective companies invest in compliance with varying data privacy requirements.

California

Premium

California ‘setting the tone’ for privacy push with CPRA updates

2023-03-01T14:00:00+00:00By

Changes to the California Consumer Privacy Act set to come over the course of 2023 strengthen the nation’s first comprehensive state privacy law to a benchmark no other states have yet to equal.

HHS building

News Brief

HHS creates new enforcement office for health privacy

2023-02-28T20:20:00+00:00By

The Department of Health and Human Services and its office responsible for enforcing health privacy reorganized so it can sharpen enforcement of cybersecurity and data breaches.

ask cco 3x2 20232

Premium

Ask a CCO: Roles in data privacy compliance efforts

2023-02-28T14:00:00+00:00By Compliance Week

Four senior compliance practitioners share their roles in ensuring data privacy compliance at their respective companies and the other departments that support their efforts.

Congress

Premium

Congress or FTC? What about SEC? Where U.S. federal privacy legislation efforts stand in 2023

2023-02-28T14:00:00+00:00By

As more state laws hit the books, businesses are more adamant than ever Congress needs to pass a federal data privacy law. If lawmakers don’t rise to the occasion, which government agency might?

Experian sign

Premium

Ruling in Experian GDPR case thrusts ‘legitimate interest’ into spotlight

2023-02-28T13:00:00+00:00By

Experian won a legal battle against the U.K. Information Commissioner’s Office after the data regulator ordered the credit reference agency to make “fundamental changes” over the way it handled personal data for direct marketing purposes or stop altogether.

ask cco 3x2 2023

Premium

Ask a CCO: Plan for complying with varied U.S. privacy laws

2023-02-27T14:00:00+00:00By Compliance Week

Four senior compliance practitioners detail steps their respective companies are taking to confront the expanding U.S. data privacy legislation landscape.

U.S. privacy

Premium

Best practices for navigating changing U.S. data privacy landscape

2023-02-27T14:00:00+00:00By

With five new or amended state laws set to hit the books in 2023, companies would be wise to ensure their data privacy compliance house is in order—and start preparing for the next wave of legislation.

chatgpt_web

Premium

ChatGPT comes with compliance caveats, experts warn

2023-02-23T17:10:00+00:00By

There are downsides to every new technology, and artificial intelligence and machine learning are no exception. Experts discussed the importance for compliance professionals to understand the risks of such tools at CW’s virtual Cyber Risk & Data Privacy Summit.

Replika

Premium

GDPR push for privacy by design still ‘a long way off’

2023-02-16T21:00:00+00:00By

Italy’s data protection authority banned U.S.-based AI chatbot creator Replika from processing the personal data of Italian users because of risks the service posed to minors and vulnerable people—the latest example of a tech company’s product running afoul of the GDPR.

California flag

News Brief

CPPA seeking comment on cybersecurity audit, risk assessment rule adds

2023-02-13T19:00:00+00:00By

The California Privacy Protection Agency is seeking comment on privacy rules requiring certain large businesses to conduct annual cybersecurity audits and risk assessments if the state believes they are placing consumer data at risk.

Health records

News Brief

Sens press telehealth firms on alleged sharing of patient data for ads

2023-02-09T21:55:00+00:00By

A bipartisan group of senators is leaning on three telehealth firms accused of tracking and sharing patients’ sensitive personal information with advertising platforms like Google and Facebook.