Category: Surveillance & Privacy

The Biden administration has restricted sales of some US technology to 37 companies and organisations, saying that their activity threatened national security. Three-quarters of the companies included in the announcement, which was made on Thursday, are based in China. They include entities that the commerce department said had supported Beijing’s military modernisation or produced technology that risked being diverted for military purposes. The Biden administration has warned in recent weeks that China could be gearing up to provide military support…

The application’s ban among officials in the EU and US sparks a debate about whether Facebook, which extracts more user data, should face the same restrictions This week, the European Commission banned officials from using TikTok on their work devices. “This measure aims to protect the Commission against cybersecurity threats and actions which may be exploited for cyber-attacks against the corporate environment of the Commission,” the Commission said in a memo. The EU is following in the footsteps of the…

TikTok said Wednesday that every account held by a user under the age of 18 will have a default 60-minute daily screen time limit in the coming weeks. The changes arrive during a period in which there are growing concerns among different governments about the app’s security. Families have struggled with limiting the amount of time their children spend on the Chinese-owned video sharing app. Cormac Keenan, head of trust and safety at TikTok said in a blog post Wednesday…

Last week, Canada’s federal privacy watchdog and its provincial counterparts in British Columbia, Alberta and Quebec announced an investigation to delve into whether the app complies with Canadian privacy legislation. Canadian Treasury Board President Mona Fortier said the federal government will also block the app from being downloaded on official devices in the future.

On February 1, 2023, the Federal Trade Commission announced that it entered into a proposed order with GoodRx, a telehealth and prescription drug discount provider, for violations of the FTC’s Health Breach Notification Rule stemming from GoodRx’s unauthorized disclosures of consumers’ personal health information to third party advertisers and other companies. This is the first enforcement action taken under the FTC’s Health Breach Notification Rule, which was issued in 2009. The FTC’s Health Breach Notification Rule defines a “breach of…

“Spanish authorities must conduct a full, fair, and effective investigation into these allegations, publish the findings and stop any unlawful interference into the fundamental rights of the Catalan minority activists in Spain,” they said in a statement. Top leaders arrested Following the October 2017 independence referendum, Spain arrested leaders of the Catalonian independence movement on charges of sedition. The alleged spying occurred between that year and 2020, with most incidents taking place soon after the vote. Mobile phones of at least…

  The Federal Trade Commission has taken enforcement action for the first time under its Health Breach Notification Rule against the telehealth and prescription drug discount provider GoodRx Holdings Inc., for failing to notify consumers and others of its unauthorized disclosures of consumers’ personal health information to Facebook, Google, and other companies. In a first-of-its-kind proposed order, filed by the Department of Justice on behalf of the FTC, GoodRx will be prohibited from sharing user health data with applicable third…

On January 4, 2023, the Irish Data Protection Commission (“DPC”) announced the conclusion of two inquiries into the data processing practices of Meta Platforms, Inc. (“Meta”) with respect to the company’s Instagram and Facebook platforms. As a result of the investigations, the DPC fined Meta a combined €390 million for breaches of the EU General Data Protection Regulation (“GDPR”) and, following consultation with the European Data Protection Board (“EDPB”), notably held that Meta can no longer rely on the GDPR’s…

On January 3, 2023, an Illinois state court entered a preliminary approval order for a settlement of nearly $300,000 in a class action lawsuit against Whole Foods for claims that the company violated the Illinois Biometric Information Privacy Act (“BIPA”). The plaintiffs alleged that Whole Foods unlawfully collected voiceprints from employees who worked at the company’s distribution centers.  In the case in the Circuit Court of Cook County, Illinois, Chancery Division, the plaintiffs alleged that, by requiring them to use…

The U.S. Supreme Court has rejected a bid by NSO Group to block a WhatsApp lawsuit accusing the Israeli tech firm of allowing mass cyberespionage of journalists and human rights activists. The Supreme Court denied NSO’s plea for legal immunity and ruled that the case, which targets the company’s Pegasus software, can continue in a California federal court, a court filing showed. Pegasus gives its government customers — which have allegedly included Mexico, Hungary, Morocco and India — near-complete access…

Ireland’s Data Protection Commission (DPC) announced on January 4, 2023, that it has fined Meta a total of €390 million after finding that the company’s Facebook and Instagram platforms lacked proper legal grounds for processing millions of Europeans’ personal data for targeted advertising. In addition to posing challenges for Meta’s business model, the DPC’s two decisions reflect growing disagreement among European data protection authorities (DPAs) on two fronts.  The first relates to the use of ‘contractual necessity’ as an appropriate…

On December 29, 2022, the French Data Protection Authority (the “CNIL”) announced that it imposed an €8,000,000 fine on Apple for violations of the French rules on targeted advertising and the use of cookies and similar tracking technologies. Background The CNIL received a complaint concerning Apple’s ad personalization practices on the App Store and carried out several investigations between 2021 and 2022. The CNIL’s investigations concluded that Apple was collecting the identifiers of users that visited the App Store using…

An internal investigation by parent company ByteDance confirms that employees obtained personal data from reporters who were probing Beijing’s influence on the app’s activities ByteDance, the Chinese technology giant that owns TikTok, admitted Thursday that several employees of the social network spied on journalists from Forbes magazine who were investigating the link between the company’s US branch and China. The information first came to light in October but was confirmed on December 23 by Forbes, which had access to an…