ANPD Find Lack of Privacy Maturity by Pharmacies
Brazil's ANPD have issued a notice surrounding privacy concerns regarding pharmacies and their transparency.
Sports Betting Company Fined for Storage of Payment Data
The Croatian DPA have investigated and fined a sports betting company for unlawfully storing and processing credit card information.
Montana Enacts Consumer Data Privacy Act
Montana have become the ninth state to enact their own privacy law. The Montana Consumer Data Privacy Act is similar to Virginia and Connecticut.
Meta Fined €1.2 Billion for Unlawful Data Transfers
Ireland's DPC have decided to find Meta €1.2 billion and have ordered them to stop processing the data of EU/EEA users
ANPD Brazil to Regulate the Reporting of Security Incidents
Brazil's ANPD are taking public consultation on proposed new regulations regarding the reporting of security incidents that involve personal data
White House Actions to Promote Safe AI Innovation
The White House has announced new actions regarding responsible AI innovations to ensure the use of AI protects citizens rights and safety
Croatian Debt Collector Fined For GDPR Violations
The Croatian DPA have fined a debt collection agency for violating GDPR as they were processing data in a non-transparent way.
Tennessee Eighth State to Pass Privacy Law
Tennessee is the eighth US state to sign into law their own comprehensive privacy law. It will become effective in 2025.
Hackers are Holding Personal Data Hostage
CNBC have highlighted the preferred method for cyberattacks at the moment whereby hackers steal information and threaten to leak it.
Facebook Brazil Fined Billions for Third-Party Data Scraping
A Brazilian Court has fined Facebook BRL 4.1 billion after it was found they violated LGPD by failing to adequately protect users data
Indiana Becomes Seventh State to Pass Data Protection Act
Indiana become the seventh state in the United States to adopt a comprehensive privacy law, Indiana Consumer Data Protection Act
FTC Permanently Bans Companies and Fines $6.5 Million
Three companies have received a lifetime industry ban and fines of $6.5 million for a telemarketing scam regarding extended warranties
Former Uber CISO Avoids Jail Time After Data Breach
Uber's former CISO narrowly avoided jail time after covering up a huge data breach that impacted the data of over 57 million people.
NextGen Data Breach Compromises 1 Million Patient Records
NextGen recently disclosed a data breach affecting the healthcare records of over 1 million patients after client credentials were stolen
New York Law Firm Fined $200,000 After Not Protecting Data
A New York law firm has been fined $200,000 for failing to protect the protected health information of New Yorkers.
North Carolina Consider Consumer Privacy Act
North Carolina are considered their own consumer privacy law, the Consumer Privacy Act of North Carolina.
ANPD Warns Of Unofficial LGPD Complaince Seals
Brazil's ANPD have come out and warned against entities offering 'seals of compliance' for the LGPD as these are not recognized by the ANPD.
TikTok Being Investigated By Canadian Privacy Regulators
Four Canadian privacy regulators have decided to jointly investigate TikTok's privacy practices and whether they comply with their laws.
TikTok Fined £12.7 million by UK’s Information Commissioner
The UK's ICO has fined TikTok £12.7 million for illegally processing the data of up to 1.4 million UK children under the age of 13.
Utah Pass Social Media Bills Aimed at Protecting Minors
Utah have passed new legislation to protect under-18s living in the state. Social media companies will be expected to do a lot more.
Iowa is Sixth State to Pass Comprehensive Privacy Law
Iowa is set to become the sixth US state to pass a privacy law. It awaits the Governor's signature but if passed it will take effect in 2025
ICO Fines Company £200,000 for Nuisance Call Campaign
ICO fined a company £200,000 after they made over 1.5 million nuisance, direct marketing calls within an 11-month period.
Brazilian Bill Prohibits Sole Use of Facial Recognition For Identification
A Bill has been introduced to address some concerns and issues with the rising use of facial recognition for identification purposes.
The Nightmare Privacy Reality Behind ChatGPT
A look at the topic of how ChatGPT got all the information it has to function. What, if anything, we've ever put on the internet is safe?
Hilton Hotels Loyalty Program Data Breached
Hilton Hotels loyalty program was supposedly breached and data put up for sale with up to 3.7 million users impacted.
Australia Consider European-Style “Right to Be Forgotten” Privacy Law
Attorney General of Australia has said a European-style "right to be forgotten" privacy law needs to be considered.
Five Guys Job Applicant Data Hacked
Five Guys recently contacted people who had applied for jobs with them to advise personal information had been accessed in a data breach.
Apple Urged to Protect Reproductive Health Data
California's Attorney General has joined a coalition urging Apple to better protect consumers' private reproductive health information.
DoJ Announces Indictment of Former Hospital Staff
The US DoJ announced a grand general jury has indicted 5 former hospital employees for HIPAA violations.
Georgia Healthcare Provider Settles with Massachusetts Attorney General
A GA based healthcare provider will pay a penalty to the MA Attorney General for failing to protect against phishing attacks.
Google Settlement of $391.5M Over Unlawful Location Tracking
Google will pay to settle allegations from 40 states that they unlawfully tracked users' location data after they had been instructed not to
Spanish AEPD Launches Breach Assessment Tool
Spain's AEPD have released a tool designed to assess a data breach and determine whether the AEPD needs to be notified.
FTC Called Upon to Enforce Health Breach Notification Rule
CHIME have urged the FTC to do more within their existing authority under the Health Breach Notification Rule.
ANPD Guidance on Cookie Compliance
The ANPD have released a handbook providing guidance on cookies and data protection including things that must be available to consumers.
SheIn $1.9M Fine for Failing to Protect Customer Information
SheIn and Romwe owner, Zoetop, is set to pay the State of New York $1.9 million after failing to protect customer information.
Baltimore Court to Approve $9.5 Million Settlement
A healthcare provider has decided to settle a lawsuit about a data breach that lasted 18 months and impacted over 500,000 patients.
ICO Fines Catalogue Retailer £1.48 Million
ICO has fined a company for contacting people unlawfully for direct marketing purposes and profiling individuals without consent.
First BIPA Jury Gives Guilty Verdict and $228M in Damages
The first ever BIPA jury trial found a company violated BIPA 45,600 times and awarded a total of $228 million in damages.
Drizly Agrees to Tighten Data Security After Alleged Breach
Drizly, an Uber subsidiary, has agreed to improve data security and reevaluate the data they are collect from consumers.
Medibank Confirms Hackers Accessed All Customers Data
Medibank have confirmed the data of all of their 3.9 million customers has been affected by a major cyber attack by hackers.
Clearview Fined Again For Unlawful Image Scraping
CNIL have fined Clearview for their facial recognition technology as it violates GDPR, they also failed to cooperate with the investigation.
Brazilian Bill to Allow Third-Party Recordings to Prosecute Crimes
A new Bill will amend the Telephone Interception Law to allow third-party recordings to be included in criminal prosecutions.
NY DFS Fines Crypto Platform $30 Million for Significant Deficiencies
Robinhood Crypto, LLC are fined $30 million and ordered to hire an independent consultant after failures in cybersecurity and others.
NJ Court Finds Physician Unlawfully Disclosed PHI
A former physician with practices in New Jersey, New York, and Florida and admitted to unlawfully sharing personal health information.
President Biden Signs Order to Aid EU-US Data Transfers
President Biden has signed an Executive Order which commits to changes in an attempt to restore transatlantic data transfers.
Europe V. Google Analytics: What Is Happening?
A timeline of the Google Analytics issue in Europe. Why is it such an issue since the Schrems II decision in 2020?
Canadian Retail Company fined $100,000 by CRTC
The CRTC has fined a retail company $100,000 for violations of the Telecommunications Act and the Unsolicited Telecommunications Rules.
IL Court Finds Written Waivers Do Not Defeat BIPA Claims
An Illinois Court has denied a motion to dismiss in a case against a blood bank who collected and stored biometric information.
Dutch Hospital Fined for Unauthorized Access
A Dutch Court ordered a hospital to pay compensation after an employee accessed medical information and helped it be published in a book.
DPC Ireland TikTok Decision Submitted For Review
DPC Ireland have submitted a draft decision for review regarding TikTok's handling of the personal data of children and minors.