The California Privacy Protection Agency (CPPA) dressed down national menswear retailer Todd Snyder with a $345,178 fine Tuesday for alleged violations of the California Consumer Privacy Act (CCPA). Closely following CPPA action last March against Honda, the Todd Snyder case is more than an enforcement action. It also “highlights a trend by this agency of looking beyond surface compliance with the CCPA,” Wiley privacy attorney Joan Stewart told us. The agency’s board adopted the enforcement decision May 1.
A disconnect exists between legislatures, the privacy laws they create and the litigation that results from them, said panelists during a Federal Communications Bar Association (FCBA) event on privacy litigation trends Thursday. Instead, this ecosystem results in great confusion, prompting a rise in privacy law-related cases, they said.
An Irish Data Protection Commission (DPC) decision to fine TikTok $600 million for General Data Protection Regulation (GDPR) breaches (see 2505020001) highlights the increasing scrutiny on transfers to and from a broader range of countries than just the U.S., EU and U.K., IAPP Research Director Joe Jones said Friday.
TikTok's transfer of Europeans' personal data to China violated the EU General Data Protection Regulation (GDPR), the Irish Data Protection Commission (DPC) announced Friday. It fined the social media platform $600 million (530 million euros) and ordered it to clean up its act within six months or face suspension of its data transfers to China. TikTok said it will appeal.
Microsoft supports regulatory efforts to simplify compliance with privacy laws globally, said Cari Benn, the company’s associate general counsel-privacy, accessibility and regulatory affairs, in an interview last week at the IAPP Global Privacy Summit. Meanwhile, as Microsoft embraces AI, it's striving to apply privacy principles to the emerging technology.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching on the title or by clicking on the hyperlinked reference number.
The House voted 409-2 Monday to pass the Take It Down Act (S-146), despite privacy-related objections from encryption advocates.
A Connecticut bill that updates the state’s comprehensive privacy law took a step closer to passage Friday when it cleared the legislature’s joint Judiciary Committee.
The U.K. Information Commissioner’s Office (ICO) plans to “relax” online advertising-related privacy enforcement, using the GDPR's "legitimate interest" principles as justification, Executive Director-Regulatory Risk Stephen Almond told us Thursday at the IAPP Global Privacy Summit in Washington.
OpenAI CEO Sam Altman and Tools for Humanity CEO Alex Blania used the IAPP Global Privacy Summit as a “sales pitch” opportunity for their “biometric data-based, crypto-powered identity product,” U.K. privacy attorney and entrepreneur Sergio Maldonado said in a post Thursday.