Texas Attorney General Ken Paxton filed a lawsuit against Google for alleged “blatant defiance” of Texas’s biometric privacy law, which prohibits capturing biometric identifiers without prior consumer consent. The complaint alleges that several Google products, including Google Home, Nest, and Google Photos, collect and catalog biometric identifiers such as facial structure and voice print.
Texas
Last week, the California Privacy Protection Agency (CPPA) released updated California Privacy Rights Act (CPRA) draft regulations and a summary of the changes. The regulations remain in the proposal stage and it is unclear when to expect finalized rules, although it is likely that this version will include near final requirements and prohibitions.
While most
A Dutch court ruled in favor of a Dutch national employed by a U.S. company who was fired for refusing to turn on his webcam. The ruling was part of the employee’s wrongful termination lawsuit against his former employer, Chetu, Inc, a Florida-based software company. Chetu’s company policy requires employees to have their webcams and
When the U.K. withdrew from the European Union (EU), its General Data Protection Regulation (GDPR) status was one of many headaches for regulators to figure out. After drawn-out negotiations over points such as requiring opt-in or opt-out models, lawmakers had settled mainly on a GDPR-like solution called the Data Protection and Digital Information Bill.
The
The White House Office of Science and Technology Policy (OSTP) released its Blueprint for an AI Bill of Rights and, thankfully, it doesn’t give AI any rights. This (nonbinding) document is meant to provide a best-practice guide for AI system designers and frames those systems’ use as a civil rights issue. The OSTP focused on
A class action lawsuit, Seirafi et al v. Samsung Electronics America, Inc., Case 4:22-cv-05176-KAW, filed recently in the Northern District of California, alleges that Samsung’s unnecessary personal information collection, and failure to secure that information, violate the California Consumer Privacy Act (CCPA). This lawsuit was inspired by two recent data breaches that allegedly included personal
California Governor Gavin Newsom signed the California Age-Appropriate Design Code Act (the Act) into law last week. This new law will require those online service providers likely to be accessed by children under 18 years old to comply with heightened privacy requirements, including incorporating privacy-by-default and privacy-by-design into their products. The 18-year age threshold for
Ireland’s Data Privacy Commissioner will reportedly fine Instagram for its handling of children’s data. According to an investigation that began in 2020, Instagram published emails and phone numbers for children ages 13 to 17 who operated business accounts. Business accounts typically post this information by default. Meta, Instagram’s parent, plans to appeal the €405 million
Hackers caused a massive traffic jam in Moscow by exploiting the ride-sharing app Yandex Taxi and using it to summon dozens of taxis to a single location. While Yandex has not confirmed the attacker’s identity, the hacktivist group Anonymous claimed responsibility on Twitter. The group has been actively taking aim at Russian targets in response
In a complaint filed this week, the Federal Trade Commission (FTC) alleges that a data broker sold geolocation data from individuals showing their movements to and from sensitive locations, including reproductive health clinics, places of worship, and substance use disorder clinics. Kochava, the broker in question, allegedly collects and sells GPS location data from consumers