The U.K. Information Commissioner's Office (ICO) is planning to relax some enforcement of consent requirements for companies that stop using intrusive tracking technologies, it said Monday (see 2504280042).
Recent enforcement against Honda and Healthline in California and FTC action against data brokers show that companies must understand data flow and consent, an executive with the Interactive Advertising Bureau (IAB) said in an interview Monday.
A California privacy enforcer’s first use of a purpose-limitation requirement under the California Consumer Privacy Act (CCPA) makes this week’s record $1.55 million settlement with Healthline a significant enforcement action for companies in many sectors, privacy experts told Privacy Daily this week. Also significant was the highly technical, in-depth investigation that the office of Attorney General Rob Bonta (D) conducted, they said. Signs point to increased privacy enforcement ahead.
Following a joint stipulation of voluntary dismissal Friday from data scraper Bright Data and social media platform X, U.S. District Court for Northern California Judge William Alsup ordered the copyright case dismissed on Tuesday.
Healthline called a $1.55 million settlement with California "amicable" after an enforcement action alleged that the company committed a series of privacy violations (see 2507010074).
Utah should consider amending its comprehensive privacy law, given the underwhelming number of consumer privacy complaints filed in the statute’s first 18 months, said Attorney General Derek Brown (R) and the Utah Division of Consumer Protection in a report obtained Wednesday by Privacy Daily. “Complaints have not been as forthcoming as anticipated,” it said, but “violations are likely occurring.”
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
Healthline must pay California $1.55 million under the largest proposed settlement yet under the California Consumer Privacy Act, Attorney General Rob Bonta (D) said Tuesday. The settlement, which is pending final court approval, also includes a novel injunctive term prohibiting the company “from sharing article titles that reveal that a consumer may have already been diagnosed with a medical condition,” the AG's office said.
Healthline must pay California $1.55 million as part of a record proposed settlement under the California Consumer Privacy Act, Attorney General Rob Bonta (D) said Tuesday. It also includes a novel injunctive term prohibiting the company “from sharing article titles that reveal that a consumer may have already been diagnosed with a medical condition,” the attorney general's office said.
AT&T's proposed $177 million settlement stemming from 2019 and 2024 data breaches shows that multifactor authentication isn't optional, cybersecurity expert Joe Vadakkan wrote last week. In the 2024 incident, hackers penetrated AT&T's Snowflake cloud system using credentials that didn't have MFA and made off with customers' call and text metadata, he said. "Weak credential protections" made the hack possible, he added. "Supply chain vigilance is critical," as the Snowflake breach came via "internal compromises." The settlement received preliminary approval in U.S. District Court earlier this month.