Businesses should start thinking now about complying with new data-protection regulations approved Thursday by the California Privacy Protection Agency (CPPA), privacy attorneys said immediately afterward in blogs and LinkedIn posts. While consumer privacy advocates slammed the rules as weak, one acknowledged they still give California a lead over other U.S. states.
A federal judge's recent decision in a privacy case involving GoodRx is relevant to one concerning children's privacy violations by an EdTech company, parents alleged in a court document filed Thursday.
House of Dior didn't properly secure customers' sensitive personal information, prompting a data breach in Jan. 2025, a class-action lawsuit filed Wednesday alleges. The suit also claims Dior was too slow to inform customers that their personal data was potentially exposed.
Recent settlements show the vulnerability of companies that hire privacy vendors and think they're in compliance, Frankfurt Kurnit attorneys said during a webinar Thursday. In addition, they noted that states besides California are becoming more active in privacy litigation and enforcement.
A class-action complaint alleging a software company created and sold consumer profiles without their consent will continue, the U.S. District Court for Northern California ruled on Friday.
Ireland's first mass-litigation case could have major implications for tech companies that process data under the General Data Protection Regulation, Pinsent Masons commercial litigation attorney Zara West blogged Thursday.
Google renewed its call for a federal court to dismiss a class-action case against it that alleges the company's education products secretly harvest mass amounts of student information and data without their or their parents’ knowledge or consent. In its motion to dismiss, Google claims the plaintiffs -- parents of minor schoolchildren -- haven't alleged invasion of privacy.
Technology service provider Capgemini America asked a federal court Thursday to dismiss a privacy suit from MoneyGram Payment Systems that alleges Capgemini is responsible for a recent data breach. In the motion to dismiss, Capgemini said it lacked access to "the personal data of MoneyGram’s customers."
A federal judge granted class action certification on Monday in a 2021 case alleging Amazon unlawfully recorded and collected private conversations through its virtual assistant Alexa, without notice or consent. Case 21-00750 alleges violation of six states’ wiretap laws and Washington state’s Consumer Protection Act.
Effective Tuesday, an amendment to the Colorado Privacy Act (CPA) that enhances protections for biometric identifiers widens the scope of whom the privacy law applies to and forces companies to review their policies, said privacy lawyers. Enacted as HB-1130 in June 2024, the measure compels entities that collect biometric data to meet stringent notice and consent requirements if they use or intend to use it for unique identification (see 2406030010).