Enforcement + Litigation

EyeMed Vision Care, LLC has agreed to settle allegations lodged against it by four state Attorneys General for $2.5 million stemming from a data breach that occurred in 2020 and effected 2.1 million people.

The settlement is with the AGs of Florida, New Jersey, Oregon, and Pennsylvania. The breach occurred when threat actors infiltrated EyeMed’s

On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle management and practice analytics software services to health care entities. The settlement resulted from MedEvolve’s alleged violation of the Health Insurance Portability and Accountability

Chinese company ByteDance faces growing concerns from governments and regulators that user data from its popular short video-sharing app TikTok could be handed over to the Chinese government. The concern is based on China’s national security laws, which give its government the power to compel Chinese-based companies to hand over any user data. More than

The Office of the California Attorney General recently announced that it will initiate an investigative sweep and will start sending letters to businesses about their mobile apps for failure to comply with the California Consumer Privacy Act (CCPA). There is also a new online tool that allows consumers to directly notify a business of an

An Illinois appellate court has ruled that Apple’s biometric unlock features, including Touch ID fingerprint scanning and Face ID facial geometry scanning, do not violate the state’s Biometric Information Privacy Act (BIPA). The case involved a group of Illinois residents who alleged that Apple’s Face ID feature impermissibly collects facial geometries from pictures stored in

Epic Games $520 Million Settlement with FTC for Unfair Practices and COPPA Violations

In a recent agreement totaling $520 million, Epic Games, Inc. (Epic), maker of the popular Fortnite video game, settled allegations posed by the Federal Trade Commission (FTC) that it violated the Children’s Online Privacy Protection Act (COPPA). The FTC’s complaint alleged that

The Justice Department and the Security and Exchange Commission (SEC) have charged eight men of using their social media clout to manipulate investors in a stock pump-and-dump scheme [view related]. The defendants allegedly took to Twitter and Discord to promote themselves as seasoned stock traders and, according to the SEC’s press release, fed their

Chip manufacturer ARM reportedly won’t sell its latest Neoverse V series computer chips to Chinese tech giant Alibaba due to concerns over U.S. and UK export controls on certain classes of powerful chipsets. Among the most advanced chips on the market, sale of the Neoverse V chips would likely violate trade restrictions intended to keep

The Federal Communications Commission (FCC) will categorically ban devices over national security concerns for the first time in history. Per a new order, the FCC will prohibit the import and sale of devices produced by Huawei and ZTE, and restrict the use of several other Chinese-produced devices for government and critical infrastructure purposes. Huawei

A 34-page class action was filed against Blackhawk Network for a data breach that occurred on MyPrepaidCenter.com in September of this year. The plaintiffs allege that Blackhawk Network’s failure to prevent or detect this incident was “particularly egregious” since it operates a website where consumers can activate and manage prepaid gift cards, which requires collection