Category: Regulatory News

Royal Park Investments (RPI), the so-called “bad bank” of the former Fortis, has filed a billion-dollar claim against rating agency S&P. De Tijd writes this and appears from media reports in the Cayman Islands, the place where the lawsuit was filed.

The application’s ban among officials in the EU and US sparks a debate about whether Facebook, which extracts more user data, should face the same restrictions This week, the European Commission banned officials from using TikTok on their work devices. “This measure aims to protect the Commission against cybersecurity threats and actions which may be exploited for cyber-attacks against the corporate environment of the Commission,” the Commission said in a memo. The EU is following in the footsteps of the…

It’s less radical than it sounds. The DOJ isn’t looking to REQUIRE such punishment. It proposes giving “discounts on fines for companies that seek to claw back compensation from corporate wrongdoers.” The punishment is likely to hurt about as much as being hit in the head by a balloon.

Telefonaktiebolaget LM Ericsson (Ericsson), a multinational telecommunications company headquartered in Stockholm, Sweden, has agreed to plead guilty and pay a criminal penalty of more than $206 million after breaching a 2019 Deferred Prosecution Agreement (DPA). 

TikTok said Wednesday that every account held by a user under the age of 18 will have a default 60-minute daily screen time limit in the coming weeks. The changes arrive during a period in which there are growing concerns among different governments about the app’s security. Families have struggled with limiting the amount of time their children spend on the Chinese-owned video sharing app. Cormac Keenan, head of trust and safety at TikTok said in a blog post Wednesday…

Two Kansas men were arrested today on charges related to a years-long scheme to circumvent U.S. export laws that included the illegal export of aviation-related technology to Russia after Russia’s unprovoked invasion of Ukraine on Feb. 24, 2022, and the imposition of stricter restrictions on exports to Russia.

The White House Office of Management and Budget issued guidance on Monday giving all federal agencies 30 days to wipe TikTok from employees’ devices. Mandated by Congress, the move follows similar guidance by the Pentagon, Department of Homeland Security, and the State Department, all of which cited alleged data harvesting by the Chinese-developed app. “How unsure of itself can the world’s top superpower be to fear a favorite app of young people like that?” Chinese Foreign Ministry spokeswoman Mao Ning told a press briefing on Tuesday. 

Today, on behalf of the U.S. Environmental Protection Agency (EPA) and in coordination with the U.S. Attorney’s Office for the Eastern District of Louisiana, the U.S. Department of Justice filed a complaint under Section 303 of the Clean Air Act against Denka Performance Elastomer LLC (Denka) to compel Denka to significantly reduce hazardous chloroprene emissions from its neoprene manufacturing facility in LaPlace, Louisiana.

Last week, Canada’s federal privacy watchdog and its provincial counterparts in British Columbia, Alberta and Quebec announced an investigation to delve into whether the app complies with Canadian privacy legislation. Canadian Treasury Board President Mona Fortier said the federal government will also block the app from being downloaded on official devices in the future.

Crypto exchanges Huobi and KuCoin, both based in Seychelles, failed to take steps to prevent sanctioned Russian banks from using their platforms, according to a report from the blockchain analytics firm Inca Digital provided to POLITICO. Both exchanges still allow traders to transact with debit cards issued by sanctioned Russian banks, including Sberbank, on their peer-to-peer platforms, according to the report, which will be published later today.

While neither exchange actually accepts funds from blacklisted banks, letting crypto buyers trade with each other using accounts with sanctioned institutions represents a “direct violation of U.S. and European sanctions with a little bit of a loophole,” Inca CEO Adam Zarazinski said in an interview.

Covered entities under the California Consumer Privacy Act are on the cusp of long-awaited legal certainty regarding updated compliance efforts. The California Privacy Protection Agency Board voted 4-0 at its latest meeting to finalize its first set of proposed California Privacy Rights Act regulations. The final rulemaking package, which consists of the proposed regulations and a draft final statement of reasons from the CPPA, will soon be sent to the California Office of Administrative Law for review and approval. Barring…

On February 1, 2023, the Federal Trade Commission announced that it entered into a proposed order with GoodRx, a telehealth and prescription drug discount provider, for violations of the FTC’s Health Breach Notification Rule stemming from GoodRx’s unauthorized disclosures of consumers’ personal health information to third party advertisers and other companies. This is the first enforcement action taken under the FTC’s Health Breach Notification Rule, which was issued in 2009. The FTC’s Health Breach Notification Rule defines a “breach of…

  Author: Keri Bennett As of February 1, 2023, two new sections of the British Columbia Freedom of Information and Protection of Privacy Act (“FIPPA”) and associated regulations are in force. All public bodies governed by FIPPA in the province of British Columbia (generally speaking all government ministries and the broader public sector) are now required to report privacy breaches to individuals and the Office of the Information and Privacy Commissioner and develop a “privacy management program”. What is a privacy breach? A privacy breach is…

  The Federal Trade Commission has taken enforcement action for the first time under its Health Breach Notification Rule against the telehealth and prescription drug discount provider GoodRx Holdings Inc., for failing to notify consumers and others of its unauthorized disclosures of consumers’ personal health information to Facebook, Google, and other companies. In a first-of-its-kind proposed order, filed by the Department of Justice on behalf of the FTC, GoodRx will be prohibited from sharing user health data with applicable third…

In a complaint first announced in October 2022, the FTC said that Chegg failed to protect the personal information it collected from users and employees. For example, the company stored users’ personal data on its cloud storage databases in plain text and, until at least 2018, employed outdated and weak encryption to protect user passwords. As a result of its poor data security, Chegg experienced four data breaches that exposed the personal information of about 40 million users and employees, including users’ email addresses and sensitive scholarship data such as their dates of birth, sexual orientation and disabilities, as well as financial and medical information about Chegg employees.

The FTC’s order requires Chegg to implement a comprehensive information security program, limit the data the company can collect and retain, offer users multifactor authentication to secure their accounts, and allow users to request access to and deletion of their dat

The U.S. took a big step in the development of a national artificial intelligence strategy with the release of the U.S. Department of Commerce National Institute of Standards and Technology’s Artificial Intelligence Risk Management Framework 1.0, Jan. 26.

Required under the National AI Act of 2020, the framework is the product of 15 months of work by NIST scientists who compiled public comments from more than 240 AI stakeholders through multiple listening sessions and workshops, while producing two previous drafts of the document last year. The framework is voluntary but will help organizations deploying AI systems to enhance their trustworthiness and reduce biases, while protecting individuals™ privacy.

Along with the framework document, the NIST also released the AI RMF Playbook, which is expected to be updated every six months as best practices for navigating the framework develop, according to Under Secretary of Commerce for Technology and NIST Director Laurie Locascio.