Enforcement + Litigation

Subscribe to Enforcement + Litigation via RSS

In its continued concentration on the collection and use of consumers’ precise geolocation, on January 16, 2024, the Federal Trade Commission (FTC) settled with General Motors (GM) over allegations that it collected, used, and sold drivers’ precise geolocation and driving behavior data from millions of vehicles—data that can be used to set insurance rates—without adequately

The Federal Trade Commission (FTC) issued a proposed settlement order against GoDaddy alleging that it “has failed to implement reasonable and appropriate security measures to protect and monitor its website-hosting environments for security threats, and misled customers about the extent of its data security protections on its website hosting services.”

The proposed settlement order requires

In August 2024, the Department of Justice (DOJ) and eight states filed a civil antitrust lawsuit against RealPage Inc., alleging that its software was used to unlawfully decrease competition among landlords and maximize profits. Last week, the DOJ, now joined by ten states, filed an amended complaint alleging that landlords Greystar Real Estate Partners LLC

2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy must be at the forefront of their strategy and goals and that robust security controls are required to protect employee and consumer

American Addiction Centers Inc. faces a class action in the Middle District of Tennessee for allegations that it violated the Health Insurance Portability and Accountability Act (HIPAA) by failing to protect patient data from cyber criminals.

In September 2024, American Addiction Centers suffered a cyber-attack that led to the unauthorized access to sensitive personal information

In a highly anticipated decision on an issue facing courts across the country, the Massachusetts Supreme Judicial Court held in late October that Massachusetts hospitals’ use of online tracking technologies that collect and transmit browsing activities of website visitors does not violate the Massachusetts Wiretap Law. 

The Court determined that online interactions between visitors and

The Federal Trade Commission (FTC) has been on a mission to communicate its seriousness about companies collecting, using, and selling consumers’ sensitive location data and that it is closely watching these practices.

On December 3, 2024, the FTC announced that it entered into a proposed order with Gravy Analytics and its subsidiary Venntel “for unlawfully

This week, the Federal Trade Commission (FTC) issued a proposed consent order to settle allegations against IntelliVision Technologies Corp. (IntelliVision) for making false, misleading, and unsubstantiated claims that its artificial intelligence (AI) facial recognition software, was free of gender and racial bias.

According to the proposed consent order, IntelliVision must cease publicizing misrepresentations of its

Last week, the California Privacy Protection Agency (CPPA) announced settlements with two data brokers, Growbots, Inc. and UpLead LLC, for failure to register and pay the fees required of a data broker under the California Delete Act.

Growbots is a software company that provides an outbound sales platform to help users find, engage with, and