The number of actions to enforce the European Union’s General Data Protection Regulation (GDPR) against a wide range of companies continues to rise.  Germany, a country where privacy enjoys strong legal protection, is establishing itself as a favorite jurisdiction for enforcement of the GDPR.  And, not surprisingly, Facebook is one of the companies in the

Another BIPA class action was filed this week – this time against Google.  Again.  Google has been sued under BIPA before, and for seemingly the same violations as here, i.e., creating “face prints” from photos stored in Google Photos without having obtained prior, informed written consent.   The Complaint that was filed this week alleges: “Google

Christopher A. Ott, CIPP/US, former Supervisory Counterintelligence and Cyber Counsel to the National Security Division of the U.S. Department of Justice (DOJ), and most recently, a partner in private practice at Davis Wright Tremaine LLP advising clients on litigation and business strategy when facing data and privacy issues, has joined Rothwell Figg’s Privacy, Data

“Reasonable” appears several times in the California Consumer Privacy Act (CCPA), and most notably in the section on the private right of action for a data breach resulting from “a business’s violation of the duty to implement and maintain reasonable security procedures and practices appropriate to the nature of the information to protect the personal

On February 3, 2020, Bernadette Barnes, a private resident of California (on behalf of herself and others similarly situated), brought the first data breach suit citing CCPA ever.  The suit named Hanna Andersson (company specializing in high end children’s apparel) and Salesforce.com (cloud technology service as a software (“SaaS”) company) as defendants, and brought claims

The Internet of Things (IoT) is often defined as a network of interconnected devices, such as sensors, smartphones, and wearables, or the transfer of data between everyday objects with computing capabilities. It’s where physical infrastructure meets the digital universe, and where machines can “talk” to one another. The IoT creates a connected world, and it’s

The New Jersey attorney general recently made headlines when he made the decision on January 24, 2020 to have prosecutors immediately stop using a facial recognition app produced by Clearview AI (https://clearview.ai/).  Clearview AI is an app that markets itself as helping to stop criminals.  The Clearview AI website states: “Clearview helps to

Following up on our post of January 22, 2020 (“Big News in Biometrics – Supreme Court Declines to Weigh in on What Plaintiffs Must Show to Bring Biometric Privacy Suit”), Facebook has now agreed to pay $550 million to settle the BIPA class action lawsuit.  This is the largest BIPA settlement ever, and it will

The National Institute of Standards and Technology (NIST) released version 1.0 of its Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, which follows the structure of the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework).  The Privacy Framework acknowledges that failure to manage privacy risks can have direct adverse