No matter how aggressively the FTC under the Trump administration pursues privacy cases, state attorneys general are clearly ready to band together and enforce state laws, Safeguard Privacy General Counsel Andy Hepburn said Wednesday at the Privacy + Security Forum.
There’s a checklist companies can complete to show they’re operating in “good faith” to comply with DOJ’s Data Security Program before full enforcement begins July 8 (see 2504140047), Orrick attorneys said Wednesday at the Privacy + Security Forum Spring Academy event.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching on the title or by clicking on the hyperlinked reference number.
The California Privacy Protection Agency (CPPA) dressed down national menswear retailer Todd Snyder with a $345,178 fine Tuesday for alleged violations of the California Consumer Privacy Act (CCPA). Closely following CPPA action last March against Honda, the Todd Snyder case is more than an enforcement action. It also “highlights a trend by this agency of looking beyond surface compliance with the CCPA,” Wiley privacy attorney Joan Stewart told us. The agency’s board adopted the enforcement decision May 1.
A disconnect exists between legislatures, the privacy laws they create and the litigation that results from them, said panelists during a Federal Communications Bar Association (FCBA) event on privacy litigation trends Thursday. Instead, this ecosystem results in great confusion, prompting a rise in privacy law-related cases, they said.
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a $600,000 settlement with California health care network PIH Health, Inc. (PIH) Wednesday over a phishing attack that allegedly exposed electronic protected health information (ePHI) of almost 200,000 individuals.
European Data Protection Supervisor Wojciech Wiewiorowski is worried about what's going on in the U.S. and its potential effect on the EU-U.S. Data Privacy Framework (DPF), he said Wednesday at a streamed Brussels briefing on the EDPS' 2024 annual report.
States are seeking to build a foundation of privacy enforcement by taking action against a broad range of companies, state enforcement officials said Wednesday on a panel at the IAPP Global Privacy Summit. An increasing number of privacy regulations around the world present a big challenge for companies that operate in many global markets, said another IAPP panel earlier Wednesday.
Toyota was sued Monday in the U.S. District Court for Eastern Texas for the alleged collection and sale of drivers' data to insurance company Progressive, despite saying in their Data Sharing Policies that it does not share this information without the drivers' consent. Progressive uses the data in their Snapshot data-sharing program that measures a variety of aspects related to driving, the class action alleges.
The Hong Kong Privacy Commissioner's Office published an updated edition of its information booklet about getting legal assistance with civil claims under the Personal Data (Privacy) Ordinance (PDPO).