The Telephone Consumer Protection Act (TCPA) has not been updated in over 30 years. The Federal Communications Commission (FCC) has been asked by Congress to take “decisive action in addressing the escalating issue of fraudulent and scam text messages that target American consumers.” The TCPA restricts the hours in which telemarketers can call, prevents businesses
Enforcement + Litigation
California Attorney General Settles Third CCPA Enforcement Action
Following the Sephora and DoorDash enforcement actions, on June 18, 2024, the California Attorney General announced its third California Consumer Privacy Act (CCPA) enforcement action against Tilting Point Media LLC. Tilting Point is a mobile video game developer, including children’s games. The California AG alleged that Tilting Point collected and shared children’s data without parental…
Department of Justice Maintains Its False Claims Act Enforcement Focus on Government Contractor Cybersecurity
Below is an excerpt of a legal update co-authored with Government Enforcement + White Collar Defense Partner David E. Carney.
On June 17, the Department of Justice (DOJ) announced settlements of alleged False Claims Act (FCA) violations associated with cybersecurity requirements in contracts to provide a secure environment for online applications for federal housing…
Marriott Faces Class Action for Alleged Violation of Illinois Biometrics Law
This week Marriott Hotel Services was hit with a class action lawsuit for alleged violations of the Illinois’ Biometrics Information Privacy Act (BIPA). The lawsuit alleges that the hotel violated BIPA by requiring workers to scan their fingerprints as a means to clock in at work without proper notice or consent.
BIPA prohibits businesses from:…
Intercontinental Exchange Settles with SEC Over Alleged Delay in Notification of Hack
Intercontinental Exchange, Inc. (ICE), the owner of the New York Stock Exchange, has agreed to settle with the Securities and Exchange Commission (SEC) for $10 million over allegations that it failed to timely notify the SEC of the cybersecurity incident it experienced in 2021 involving its virtual private network.
The SEC alleged that ICE should…
X Corp Loses Battle Over Public Data Access
In a significant setback for Elon Musk’s X Corp (formerly Twitter), a U.S. District Judge has dismissed the company’s lawsuit against an Israeli data-scraping firm, Bright Data Ltd. We previously reported on X’s recent spree of lawsuits against data-scraping companies.
The court held X Corp failed to demonstrate that Bright Data violated its user agreement…
Massachusetts Court to Determine the Legality of Snapchat Surveillance
This week, the Massachusetts Supreme Judicial Court (SJC) reviewed a lower court’s dismissal of gun-related indictments against Richard Dilworth, Jr., related to the state’s refusal to disclose the bitmojis and usernames it used to conduct online surveillance through Snapchat accounts in 2017 and 2018.
Police arrested Dilworth for possession of a loaded revolver after Boston…
Crumbl Sued for Disclosing Data to Stripe Without Consent
In the latest surge of lawsuits against retailers for embedding tracking technology into websites, yummy cookie company Crumbl was sued on May 1, 2024, for allegedly embedding web-tracking technology allowing third-party processing company Stripe to obtain, without consumer consent, customers’ names, email and delivery addresses, geographic locations, IP addresses, and payment information when consumers surf…
Federal Trade Commission Continues to Target Healthcare Companies for Unauthorized Data Disclosures
The Federal Trade Commission (FTC) has assumed the authority to enforce unauthorized data disclosures under the Federal Trade Commission Act (FTC Act). During the past three weeks, the FTC has used this authority to go after healthcare companies that disclose their customers’ personal data without permission.
On April 11, the FTC sued Monument, an online…
FCC Fines Wireless Carriers $200M for Sharing Location Data with Third Parties
The Federal Communications Commission (FCC) has announced that it has levied almost $200 million in fines against “the nation’s largest wireless carriers for illegally sharing access to customers’ location information without consent and without taking reasonable measures to protect that information against unauthorized disclosure.”
The FCC’s allegations include that the carriers sold access to customers’…