Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching on the title or by clicking on the hyperlinked reference number.
The California Privacy Protection Agency (CPPA) dressed down national menswear retailer Todd Snyder with a $345,178 fine Tuesday for alleged violations of the California Consumer Privacy Act (CCPA). Closely following CPPA action last March against Honda, the Todd Snyder case is more than an enforcement action. It also “highlights a trend by this agency of looking beyond surface compliance with the CCPA,” Wiley privacy attorney Joan Stewart told us. The agency’s board adopted the enforcement decision May 1.
A disconnect exists between legislatures, the privacy laws they create and the litigation that results from them, said panelists during a Federal Communications Bar Association (FCBA) event on privacy litigation trends Thursday. Instead, this ecosystem results in great confusion, prompting a rise in privacy law-related cases, they said.
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a $600,000 settlement with California health care network PIH Health, Inc. (PIH) Wednesday over a phishing attack that allegedly exposed electronic protected health information (ePHI) of almost 200,000 individuals.
European Data Protection Supervisor Wojciech Wiewiorowski is worried about what's going on in the U.S. and its potential effect on the EU-U.S. Data Privacy Framework (DPF), he said Wednesday at a streamed Brussels briefing on the EDPS' 2024 annual report.
States are seeking to build a foundation of privacy enforcement by taking action against a broad range of companies, state enforcement officials said Wednesday on a panel at the IAPP Global Privacy Summit. An increasing number of privacy regulations around the world present a big challenge for companies that operate in many global markets, said another IAPP panel earlier Wednesday.
Toyota was sued Monday in the U.S. District Court for Eastern Texas for the alleged collection and sale of drivers' data to insurance company Progressive, despite saying in their Data Sharing Policies that it does not share this information without the drivers' consent. Progressive uses the data in their Snapshot data-sharing program that measures a variety of aspects related to driving, the class action alleges.
The Hong Kong Privacy Commissioner's Office published an updated edition of its information booklet about getting legal assistance with civil claims under the Personal Data (Privacy) Ordinance (PDPO).
President Donald Trump’s recent firings of FTC commissioners were illegal and undermine bipartisan work on privacy enforcement, a coalition of Democratic state attorneys general wrote Friday in an amicus brief.
A plan aimed at boosting cross-border cooperation in enforcing the General Data Protection Regulation (GDPR) could end up making things worse, Austrian privacy advocacy group Noyb warned Thursday.