Are People Going Back to their Offices in Brazil After COVID?
With companies continuing to give their employees the option about returning to the office for those that stay at home a secure VPN is vital
New Foundation Thinking Required Around Privacy
Value Privacy's experts say management need a better understanding of how fast privacy is changing standard privacy practices
Real Estate Companies Don’t Need to Worry About Privacy – Right?
Real estate companies can believe data privacy doesn't apply as they handle property, not people, we've seen recently why this isn't the case
Why Can Criminal Background Checks on Job Applicants Present a Risk
Following a fine for a transportation company it's now come into question; what can companies do when it comes to criminal background checks?
Global Privacy Trends Around Data Minimization Continue at Speed
Chile is making amendments which will change the way data and privacy needs to be handled by all data controllers.
Why Website Developers Should Stop Using Google Analytics and Have an Internal Privacy Strategy
Following the Schrems II decision, using Google Analytics poses risks to any organizations using their functionality.
Protecting Persona Privacy rights – Federal Bill Helps Individuals Delete PI Across All Data Brokers
Proposed DELETE Act will make it simpler to request deletion of their information across all data brokers
Indiana Proposes Consumer Data Protection Act
If passed, consumers must be provided one or more secure and reliable means to submit a consumer request…
Doing business in Brazil – Rio de Janeiro Fines Food Delivery Platform R$1,508,240
In a sign of what is to come in Brazil, this food delivery company did not value its…
Brazil Enshrines Right to Data Protection in Constitution
An important milestone where, Effective February 10, 2022, Brazilians have the constitutional right to the protection of their…
Update – Brazil LGPD news
Value Privacy is able to report that the Brazil Court of Justice upheld the urgent injunction filed by…
Attention CMOs and Ad Individual value their privacy and right to be let alone and they are going to court to protect those rights
An individual alleged he received around 550 calls in total, often multiple calls a day despite revoking his consent to be contacted.
Did this Ad Tech Company Value Privacy correctly – if so why are they on Hook for $7.5 Million for COPPA Violations for “child directed data collection”
A Californian Court granted the FTC an injunction against a company for failing to to flag hundreds of apps as "child-directed".
Colorado AG Agrees to $80,000 Settlement with Construction Company
A construction company's employees stored customer personal information in their work email accounts for as long as 20 years
LGPD Information Security for Small Businesses
ANPD has provided advice for small businesses to teach their employees about information security in the workplace.
New York Proposes the Digital Fairness Act
If passed, entities that process the PI of 500 or more unique individuals must obtain explicit, informed opt-in…
Negative Option Marketing – FTC warning
In response to rising complaints, the FTC cautions companies against using negative option marketing as dark patterns to trick or mislead consumers…
Brazil ANPD Defines LGPD Investigation and Enforcement
Effective October 29, 2021, the ANPD is able to monitor, inspect and apply administrative sanctions for LGPD compliance in accordance with the…
Biometrics: Illinois Court Allows BIPA Class Action Against Airline Baggage Handler
Employees filed a class action alleging the company collected their fingerprint data, but failed to provide a retention…
Schrems II – Adequacy: CJEU Finds SCCs Valid, But Invalidates Privacy Shield
The Schrems II decision found that effective mechanisms are in place to ensure SCCs comply with EU requirements…
Massachusetts Proposes Comprehensive Privacy Act
Titled the Massachusetts Information Privacy Act, Bill S.46 is currently under review by a joint committee on information technology;…
Oklahoma Proposes Comprehensive Privacy Act
If passed, entities that do business in Oklahoma must comply with consumers’ requests for access, correction and deletion…
Policies: DPA Peru Clarifies Position of the Law on Data in Transit
The DPA clarified that the Data Protection Act does not apply to data in transit through Peru; the…
Ireland DPC Proposes to Fine Facebook
The Irish DPC agreed with Facebook’s legal basis for processing user data (for purposes of performing a contract…
Regulators Powers: FINRA Sweep on Social Media Use and User Tracking
In a targeted exam letter, FINRA informs regulated firms of its investigation of the use of social media…
Federal Law Protects K-12 Institutions From Cyber Events
The K-12 Cybersecurity Act, passed on October 8th, 2021, aims to protect sensitive information maintained by schools across the United…
FTC Fines Cruise Line for Unauthorised Robocalls
The company’s telemarketing operation bought call lists from lead generators that conducted illegal survey robocalls to identify potential…
Do you hate Robocalls
Beginning September 28, 2021, if a voice service provider’s certification and other required information fails to appear in the FCC’s Robocall Mitigation…
California Governor Signs Genetic Information Privacy Act into Law
Effective immediately, companies must develop procedures and practices to enable consumers to exercise their rights (such as being…
Ireland DPC Proposes to Fine Facebook
The Irish DPC agreed with Facebook’s legal basis for processing user data (for purposes of performing a contract which…
BC Court Approves $1,550,000 Class Action Against Airline
After an airline suffered a data breach in 2018 that disclosed the personal information of up to 9.4 million…
Australia Regulates Spam Unsubscribe Requests
As of April 1, 2021 anyone who receives commercial electronic messages must be able to unsubscribe without providing personal information
Transparency: Brazil Court Orders Four Companies to Remove Scam Websites
Four websites are set to be removed after Brazilian court has found that they misled consumer exposing their personal data
California Court Finds Unfair Information Use
California Court has found that a company's opt out mechanism does not make their sale of Plaintiff's personal information fair.
Call Center: Illinois Court Preliminarily Approves Settlement for Secret Recordings
Following a class alleging violations of CIPA by recording calls without consent a settlement has been agreed
Do Not Call: AEPD Spain Fines Telecom €100,000
Telecom company fined €100,000 for unsolicited telemarketing calls to an individual on the do not call list.
Brazil Constitutional Data Protection Right Awaits Senate Approval
Brazilian Senate is considering whether to amend the Constitution to add data protection as a fundamental right
Privilege: Pennsylvania Court Orders Production of Investigation Report
Court order store chain to produce a report investigating the nature and the scope of their data breach
Invasion of Privacy: Apple Halts Rollout of Surveillance Software
Following backlash over its latest surveillance software, Apple have had to pause their plans to implement this.
Illinois Enacts Household Privacy Protections
A new Privacy Act in Illinois has brought in greater regulations with regards to law enforcement obtaining household electronic data.
Biometrics: Illinois Complaint Alleges Illegal Voiceprint Collection and Use
A retailer been accused of violating workers biometric privacy rights by using a voice recognition software without the workers' consent.
SEC Charges Firms for Deficient Cybersecurity Policies and Procedures
Eight firms had email account takeovers exposing the personal information of thousands of customers and clients
WhatsApp Ireland Hit With Record €225 Million Fine
Irish DPC fine WhatsApp Ireland a record amount after finding a lack of transparency as to how the app shares user data
Due Diligence: FINRA Guidance on Supervising Vendor Cybersecurity
FINRA found that a large number of member firms had mutiple shortcomings causing violations of FINRA and SEC rules.
COVID-19: Brazilian Regulator’s Principles for Processing Geolocation Data
Sharing consumers' geolocation data by telecom operators does not violate the Federal Constitution or LGPD when done for certain reasons.
Liability: Cruise Company Must be Held Responsible for Illegal Robocalls
Advocates highlight that the company cannot escape liability because of a boilerplate provision without exercising any due diligence
NIST Draft Guidance for Federal System Security Assessments
Special publication 800-53A forms part of the guidance to federal systems implementing NIST’s Risk Management Framework, addressing the assessment…
Invasion of Privacy: Court Finds Florida Covid-19 Law Unreasonable
A cruise company sued the government of Florida because of its law that restricted businesses from requesting proof…
Financial Information: Parties Propose Class Settlement to California District Court
The proposed settlement of USD $58 million is based on its unauthorized collection and use of customers’ data…
Regulator Powers: Mexico INAI Total Fines in First Semester of 2021
In the first 6 months of 2021, the INAI imposed fines for a total amount of 32,648,000 pesos…
EN 
PT