On June 6, 2019 Maine’s governor signed into law LD 946, “An Act To Protect the Privacy of Online Customer Information.” The Act applies to broadband internet service providers (ISPs) defined as any “mass-market retail service by wire or radio that provides the capability to transmit data to and receive data from all or substantially all […]
On June 28, 2019, the Garante per la protezione dei dati personali, the Italian Data Protection Authority issued a EUR 1 million fine against Facebook following the scandal of Cambridge Analytica. See here for more info. According to the Italian DPA, 57 Italian users downloaded the incriminated application through the Facebook login function. This […]
On May 31, 2019, the District of Columbia Superior Court issued an order rejecting Facebook’s request to dismiss or to stay a data privacy litigation brought under a state consumer protection statute. The case is interesting because the order deals with the decision of a state court on the applicability of state general consumer protection […]
On June 4, 2019, the United States District Court for the Southern District of New York granted Defendant’s motion to dismiss since the company mooted Plaintiff’s claims and for lack of personal jurisdiction over Defendant. By way of background, Plaintiff alleged that Defendant’s website denied equal access to visually-impaired customers and that Defendant’s […]
On October 8, 2018, the Italian Garante per la Protezione dei Dati Personali, the Italian data protection authority, DPA, released instructions on how to maintain a record of processing activities, as well as a sample document compliant with Regulation (EU) no. 679/2016, the General Data Protection Regulation, GDPR. The record – to be maintained by […]
On May 28, 2019, Attorney General Mark Brnovich announced a settlement with healthcare software providers Medical Informatics Engineering Inc. and NoMoreClipboard, LLC regarding some claims brought against them under the federal Health Insurance Portability and Accountability Act (HIPAA). By way of background. Defendants were business associates that were providing health records services that enabled […]
On June 14, 2019, the FTC reached a settlement with SecurTest, Inc., a background screening company over allegations that it falsely claimed to be a participant in the EU-U.S. Privacy Shield program. This is the result of the FTC taking action against false claims of participating to the EU-US Privacy Shield Framework. See here. […]
On June 6, 2019 Attorney General Letitia James, announced a $65,000 settlement with online retailer Bombas LLC for failing to provide notice of payment cards consumers’ data breach that affected 39,561 consumers. In 2014 unauthorized intruders inserted malicious software code to steal payment card information into the ecommerce platform supporting Bombas’ website. Intruders accessed customer […]
On June 7, 2019, the Official Journal of the European Union (OJEU) published Regulation (EU) 2019/881, the EU Cybersecurity Act. The EU Cybersecurity Act aims at ensuring the proper functioning of the internal market while achieving a high level of cybersecurity, cyber resilience and trust within the EU. It lays down: (a) the […]
On April 30, 2019, the Department of Health and Human Services (HHS) announced that it would be using its discretion in how it applies HHS regulations concerning the assessment of Civil Money Penalties (CMPs) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as such provision was amended by the Health […]