Time 2 Minute Read

On October 24, 2024, the Irish Data Protection Commission announced that it had issued a fine of 310 million euros against LinkedIn Ireland Unlimited Company for breaches of the EU GDPR related to transparency, fairness and lawfulness in the context of the company’s processing of its users’ personal data for behavioral analysis and targeted advertising.

Time 3 Minute Read

On October 4, 2024, the Court of Justice of the European Union (“CJEU”) issued its judgment in case KNLTB (C‑621/22). In this judgment, the CJEU was called upon to clarify the concept of “legitimate interests” and, in particular, whether purely commercial interests can be considered as legitimate under the EU General Data Protection Regulation (“GDPR”).

Time 2 Minute Read

The U.S. Government Accountability Office has launched an investigation into how retirement plan providers use data collected from 401k plan participants to engage in cross-selling of financial products.

Time 1 Minute Read

On October 23, 2024, the UK government introduced the draft Data (Use and Access) Bill to the House of Lords. 

Time 4 Minute Read

On October 21, 2024, the U.S. Department of Justice National Security Division issued a Notice of Proposed Rulemaking implementing Executive Order 14117 that will restrict certain transactions with high-risk countries.

Time 3 Minute Read

On October 22, 2024, the Consumer Financial Protection Bureau finalized a rule concerning the portability of consumers’ personal financial data.

Time 3 Minute Read

On October 15, 2024, the U.S. Court of Appeals for the Second Circuit vacated the dismissal of a proposed class action against the National Basketball Association under the Video Privacy Protection Act, holding that the named plaintiff successfully pled that he was a “consumer” protected by the Act by virtue of his subscription to the Defendant’s online newsletter.

Time 3 Minute Read

On October 16, 2024, the Federal Trade Commission issued a final Click-to-Cancel Rule, also known as the Negative Option Rule, updating its existing regulatory scheme that requires sellers to make it as easy for consumers to cancel their subscriptions and memberships as it is to sign up in the first place. 

Time 2 Minute Read

On October 16, 2024, the New York Department of Financial Services (“NYDFS”) issued an Industry Letter warning companies to update their AI security procedures around multifactor authentication, which are potentially vulnerable to deepfakes and AI-supplemented social engineering attacks.

Time 2 Minute Read

On October 16, 2024, the European Data Protection Board announced it had adopted Guidelines 2/2023 on Technical Scope of Art. 5(3) of ePrivacy Directive following a public consultation.

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page