Although every state has a data breach notification law, each one imposes different regulations and reporting requirements, Emory Roane, associate director of policy at Privacy Rights Clearinghouse (PRC), said in a recent interview with Privacy Daily. While some protections exist at the federal level, a comprehensive breach law would help, as would data minimization principles, privacy pros added.
While not every state privacy bill becomes law, it’s important to look for trends in what’s being proposed across the U.S., privacy lawyers said during the Risk Digital virtual conference Thursday. They also said to keep an eye on class actions and watch for privacy rules that might be tucked into other kinds of laws.
Kmart Australia violated customers' privacy by indiscriminately collecting their personal and sensitive data with facial recognition technology (FRT) in an operation designed to tackle refund fraud, Privacy Commissioner Carly Kind announced Thursday.
Though many digital health apps and online platforms fall outside the scope of the Health Insurance Portability and Accountability Act (HIPAA), courts and regulators are using other tools to expand enforcement against them when they share sensitive health data without consent, said Sheppard Mullin lawyers in a blog post.
While there is much debate in courts over the Video Privacy Protection Act (VPPA), class certification is one of the largest obstacles, said Morrison Foerster lawyers in a blog post Wednesday.
The Encyclopaedia Britannica site tracks users' activity and then sells it to third parties in violation of the California Invasion of Privacy Act, said a class-action complaint Tuesday against the venerable reference source. Tracking software was installed on britannica.com and is operated without user knowledge or consent, plaintiff Daniel Vesely alleged.
While companies often understand they risk incurring regulatory fines when they ignore data privacy, many underestimate the real cost of this approach, which includes the potential for lawsuits and class actions, said Bricker Graydon lawyer Nancy Magoteaux in a blog post Tuesday.
Retina Group of Florida suffered a data breach that may have leaked the personal information of more than 150,000 patients, Schubert Jonckheer said Thursday.
A law firm is investigating allegations that Disney violated the Children’s Online Privacy Protection Act (COPPA) by collecting personal data, without parental knowledge or consent, from children who watched its videos online, and using the data to serve them targeted ads.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.