The U.S. District Court of Idaho on Monday denied data broker Kochava's motion to dismiss a case alleging that the broker's data sales are unfair acts or practices likely to cause substantial injury to consumers in violation of Section 5(a) of the FTC Act. Kochava moved to dismiss on the basis that Section 5(a) requires tangible consumer injury and a violation of well-established legal policy, the order said. The court said the "FTC is authorized to seek injunctive relief if it has 'reason to believe' that a business is violating, or is about to violate, a law enforced by the FTC," denying Kochava's motion.
Treasury Secretary Scott Bessent will serve as acting director of the Consumer Financial Protection Bureau, the agency announced Monday. CFPB has key privacy authority under the Gramm-Leach-Bliley Act (GLBA). Capitol Hill Republicans told us in recent interviews they plan to use budget negotiations to rein in the agency's cost and scope.
Days ahead of the Jan. 31 deadline for data broker registration, the California Privacy Protection Agency announced that Connecticut-based data broker Key Marketing Advantage (KMA) agreed to pay $55,800 for failing to register and pay a fee in 2024.
"A strong data privacy bill must include a private right of action to allow … individuals to bring a lawsuit when they suffer actual damages,” Vermont Attorney General Charity Clark (D) said Monday. At a livestreamed press conference, Clark supported state Rep. Monique Priestley (D) in reintroducing a privacy bill that Gov. Phil Scott (R) vetoed last year. Priestley said the 2025 bill will also include data minimization rules, despite business concerns stemming from Maryland’s law, which includes such requirements.
A new privacy protocol aims at getting consumers quicker responses from businesses when they seek to exercise their data rights under a growing body of state laws. Consumer Reports and a group of privacy compliance companies will release the Data Rights Protocol (DRP) on Tuesday after nearly four years of development, CR told Privacy Daily. OneTrust, Transcend, Yorba and CR’s Permission Slip announced that they added DRP to their systems and are working to move it to production.
Data processors who use databases freely available online or provided by a third party such as a data broker must verify that their formation or sharing isn't "manifestly unlawful," French privacy regulator CNIL warned Friday (in an unofficial translation). Whoever compiles, uploads or shares the database must comply with laws banning theft or distribution of stolen data and must check that the information isn't the result of a data leak, it said.
NTIA should prioritize transparency and open-internet principles and respect individual privacy rights when crafting potential ethical guidelines for researchers who handle pervasive data, consumer and internet advocates said in comments recently posted.
The FTC released some initial insights from the surveillance pricing study, with findings that indicated intermediaries have access to a large amount of data types and sources, as well as tools that can influence prices that consumers see, said the commission in a blog Friday.
Data brokers have a Jan. 31 deadline to provide the California Privacy Protection Agency with full metrics about their responses in 2023 to privacy rights, Kelley Drye attorneys warned in a blog post earlier this week.
The FTC on Tuesday announced two nonmonetary settlements with data brokers related to location data.