On August 30, 2024, the Federal Trade Commission (FTC) announced a proposed settlement with security camera manufacturer Verkada Inc., claiming Verkada committed a variety of unfair or deceptive acts or practices in violation of § 5 of the Federal Trade
David Kessler (US)
Violation of HIPAA Security Rule = Violation of NY SHIELD Act
Minnesota enacts comprehensive privacy law
On May 24, 2024, the Minnesota Governor signed the Minnesota Consumer Data Privacy Act (“MCDPA”), making Minnesota the eighteenth state to enact a comprehensive privacy law. The new law takes effect on July 31, 2025, for most regulated entities, with…
Is your Texas data protection assessment started?
As we have previously written, the Texas comprehensive privacy law, known as the Texas Data Privacy and Security Act (TDPSA), goes into effect on Monday, July 1, 2024. As a reminder, unlike other states’ comprehensive privacy laws that are…
$10,000,000 civil penalty for disclosing personal data without consent
On April 15, 2024, the U.S. Department of Justice, upon referral from the Federal Trade Commission, filed a complaint and stipulated order against telehealth company Cerebral, Inc. The claims related to the company’s sharing personal data without consumer consent and…
Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2
Approximately at the same time as the Executive Order that we described in Part 1 was issued, the Attorney General (AG) unofficially released 90 pages of Advanced Notice of Proposed Rulemaking (ANPRM), which will become official once published in the…
Executive Order on access to Americans’ bulk sensitive data – Part 1
On February 28, 2024, the White House issued an Executive Order on Preventing Access to Americans’ Bulk Sensitive Data and United States Government-Related Data by Countries of Concern. The 17-page Executive Order pointed out that “countries of concern” could use…
Two FTC complaints that over-retention of personal data violates Section 5
On January 18, 2024, the U.S. Federal Trade Commission announced a complaint and proposed consent order with InMarket Media, LLC, a digital marketing platform and data aggregator. Less than two weeks later, on February 1, the FTC announced a complaint…
$8 million penalty to NYDFS – and another case of over-retention
2024 was not a happy new year for Genesis Global Trading, Inc. (“GGT”). On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to…