Ireland’s Data Privacy Commissioner will reportedly fine Instagram for its handling of children’s data. According to an investigation that began in 2020, Instagram published emails and phone numbers for children ages 13 to 17 who operated business accounts. Business accounts typically post this information by default. Meta, Instagram’s parent, plans to appeal the €405 million
Enforcement + Litigation
FTC Sues Data Broker for Selling Data from Reproductive Clinics and Places of Worship
In a complaint filed this week, the Federal Trade Commission (FTC) alleges that a data broker sold geolocation data from individuals showing their movements to and from sensitive locations, including reproductive health clinics, places of worship, and substance use disorder clinics. Kochava, the broker in question, allegedly collects and sells GPS location data from consumers…
ParkMobile Can’t Escape Data Breach Class Action
The class action lawsuit will continue against ParkMobile LLC for a data breach that affected 21 million users of the parking app (Baker v. ParkMobile LLC).The ParkMobile app allows users to pay for parking without having to use a traditional meter. The complaint alleges that ParkMobile was negligent in its safeguarding of consumer…
Oracle Accused of Invading Privacy with Tracking Technologies
A new class action lawsuit was filed in federal court in California against Oracle America, Inc., alleging that it A new class action lawsuit was filed in federal court in California against Oracle America, Inc., alleging that it has been invading consumers’ privacy by using tracking technologies to build “digital dossiers” on individual internet users…
Court Rules that Universities Can’t Scan Students’ Rooms During Remote Testing
In a case brought against Cleveland State University, a federal court has ruled that it is unconstitutional for a state university to require a student to allow a virtual camera scan of their home testing area during a remote In a case brought against Cleveland State University, a federal court has ruled that it is…
Sephora Settles with California AG for CCPA Violations over Sale of Data
In the first of its kind under the California Consumer Privacy Act (CCPA), Sephora settled an enforcement action with the California Attorney General for violation of the CCPA. Sephora must pay $1.2 million in penalties and implement a CCPA compliance program. The enforcement action alleged that Sephora permitted third parties to create customer profiles that…
Alight Solutions Must Comply with Subpoena Issued by DOL in Cybersecurity Incident Investigation
A subpoena was issued to Alight Solutions by the U.S. Department of Labor (DOL) for documents related to a cybersecurity breach that potentially resulted in Employee Retirement Income Security Act (ERISA) violations. Alight provides recordkeeping, administrative, and consulting services for over 750 employee benefit plans with more than 20 million plan participants.
The DOL began…
ACTS Retirement Services Faces Class Action over Data Breach
ACTS Retirement Services, Inc. (ACTS), a non-profit corporation that manages retirement communities, suffered a data breach in April 2022, which led to unauthorized access to thousands of current and former employees’ personal information. Specifically, names, Social Security numbers, and financial information were effected. As a result of this incident, ACTS now faces a data breach…
San Diego Family Care Settles Data Breach Class Action for $1 Million
Recently, San Diego Family Care (SDFC) settled a class action related to a 2020 data breach for $1 million. The class includes all SDFC patients (or their parents/guardians) who received a breach notification in May 2021.
SDFC offers patients primary care services as well as dental and mental health care, has eight health centers in…
University of Pittsburgh Medical Center Settles Data Breach Class Action for $450,000
The University of Pittsburgh Medical Center (UPMC) recently settled a data breach class action for $450,000 stemming from a 2020 data breach that led to the compromise of about 36,000 UPMC patients.
UPMC is a Pennsylvania medical center and medical insurer. From April to June 2020, UPMC’s legal counsel, Charles J. Hilton PC, suffered a…