X breached its transparency obligations under the Digital Services Act (DSA) and should pay a 120 million euros ($140 million) fine, the European Commission said Friday in its first non-compliance decision under the law. X didn't immediately comment.
Education technology provider Illuminate Education must implement a data security program and delete unnecessary data in response to a data breach that may have stemmed from security failures, the FTC said Monday.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
The California attorney general’s $1.4 million settlement with mobile games company Jam City demonstrates that enforcers are focused on making opt-outs easy for consumers and that companies’ handling of teenagers’ data is important, said privacy lawyers in interviews and recent blog posts. It also shows that mobile apps -- not just websites -- are in regulators’ crosshairs, they said.
A Nov. 6 joint settlement between three states and software company Illuminate Education over a data breach that exposed students' information highlights regulators' focus on protecting minors’ data, said privacy pros and an attorney in interviews. In addition, the incident and settlement show that no matter what sector a breach occurs in, the principles of information security are similar, the attorney said.
Election year 2026 could drive more headline-grabbing state privacy enforcement, said Womble Bond privacy attorney Tyler Bridegan in an interview with Privacy Daily. In general, state privacy enforcement seems to be at the "very beginning of the bell curve,” said Bridegan, who was recently director of privacy and tech enforcement for Texas Attorney General Ken Paxton (R). Also, Bridegan praised Ryan Baasch, another alumnus of the Texas AG's office, who's expected to be nominated as an FTC commissioner by President Donald Trump.
A federal judge preliminarily approved a proposed settlement in a Video Privacy Protection Act (VPPA) case against Limited Run Games, a video game distributor.
The California Privacy Protection Agency (CalPrivacy) made clear in its Tractor Supply Co. investigation earlier this year that it “will litigate the scope and enforceability of its administrative subpoenas if needed,” ZwillGen’s Yiannis Vandris and two others from the law firm blogged Tuesday. However, legal questions persist about how far back the agency can look for violations, they said.
California's recent enforcement action against Sling TV prolongs a trend of the state’s attorney general "staking out aggressive CCPA [California Consumer Privacy Act] compliance positions that require material operational changes beyond typical market practices,” McDermott Will privacy attorneys blogged Tuesday.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.