Tag: regulatory-compliance

As 2022 comes to a close, is it possible to predict a trend for corporate and white-collar enforcement by the U.S. Department of Justice in 2023? Yes: enforcement will increase in 2023, and it will increase yet more in 2024. Understanding the Department as a dispersed, human institution that responds to incentives explains why.

On 2 November 2022, the Portuguese Data Protection Authority (“CNPD”) issued a Decision imposing a fine of € 4,300,000 (four million three hundred euros) to the National Institute of Statistics (“INE”) for multiple violations in the processing of data subjects’ sensitive data during the Census 2021 operation. Background On the 27th of April 2021, after launching an investigation into the…

On November 25, 2022, Ireland’s Data Protection Commission (“DPC”) released a decision fining Meta Platforms, Inc. (“Meta”) €265 million for a 2019 data leak involving the personal information of approximately 533 million Facebook users worldwide. In the decision, the DPC argued that Meta failed to comply with the GDPR’s requirement of providing privacy “by design and default” when it failed…

On November 15, 2022, the Italian Supreme Court held that an Italian court or competent data protection authority has jurisdiction to issue a global delisting order. A delisting order requires a search engine to remove certain search results about individuals if the data subject’s privacy interests prevail over the general right to expression and information, and the economic interest of…

May 31, 2022. The Department of Justice, together with the Federal Trade Commission (FTC), announced a settlement that, if approved by a federal court, will require Twitter Inc. to pay $150 million in civil penalties and implement robust compliance measures to protect users’ data privacy. The settlement will resolve allegations that Twitter violated the FTC Act and an administrative order…

May 10, 2022. The Centers for Disease Control and Prevention (CDC) bought access to location data harvested from tens of millions of phones in the United States to perform analysis of compliance with curfews, track patterns of people visiting K-12 schools, and specifically monitor the effectiveness of policy in the Navajo Nation, according to CDC documents obtained by Motherboard. The…

May 9, 2022. Facial recognition company Clearview AI has agreed to stop its sales to private companies in the United States as part of a landmark settlement reining in a technology criticized as threatening Americans’ privacy rights. The settlement, filed Monday in federal court in Illinois, marks the most significant court action yet against Clearview AI, a company known for…

Video

The ACLU published thousands of pages of previously unreleased records showing that the Department of Homeland Security (DHS) are sidestepping the constitutional right against unreasonable government search and seizure.  DHS has been buying access to and using large volumes of cell phone location information that has been “quietly extracted from smartphone apps” of U.S. citizens and others — using their…