Israel: Full Scale Enforcement of the Data Security Regulations Commences

Following the first anniversary of the new Israeli Protection of Privacy Regulations (Data Security), the Israeli privacy regulator – the Protection of Privacy Authority – published a report summarizing its enforcement activities relating to data breaches. According to the report, the regulator carried out 146 instances of administrative enforcement action against organizations in relation to data breaches classified as ‘severe’ ...

New State Laws in the U.S. Aimed at Strengthening Consumer Privacy and Data Security

The New York State legislature has passed updates to the state’s breach notification law, expanding the scope of “private information” protected under the law to include biometric information, email addresses, and their corresponding passwords or security questions and answers, and protected health information. It broadens the definition of a notifiable data breach to include unauthorized access to private information and ...

GDPR Updates: New Guidelines, Code of Practice, Regulatory Decision and CJEU Judgment

Guidelines on Video Devices. The European Data Protection Board (EDPB) has issued draft guidelines for public comment on the data protection issues arising from the use of video devices and video surveillance. The guidelines explain that controllers operating video systems must establish the legal ground for video processing, the most likely ground being a compelling legitimate interest of the controller ...

FTC Continues Enforcement of Unfair and Deceptive Online Activities

The U.S. Federal Trade Commission (FTC) has issued two administrative complaints and proposed settlements enforcing the U.S. federal Consumer Review Fairness Act (CRFA), against two companies that had included “non-disparagement” clauses in their consumer contracts, restricting consumers from posting negative reviews online. The CRFA prohibits non-disparagement provisions in consumer form contracts, which are standardized terms used in selling ...

New EU Regulation Governing the Use of Drones

The European Union has published common rules on the use of drones, aimed at harmonizing the law on this issue across the 28 member states of the EU, so that drone operators better understand what they may and may not do. According to the European Union’s Aviation Safety Agency (EASA), “once drone operators have received authorization in [their] state of ...

Amazon Held Liable for Defective Product Sold by a Merchant

A consumer from Pennsylvania purchased a dog leash on Amazon, that when put to use, broke, recoiled back and hit the consumer’s face and eyeglasses, turning her permanently blind in her left eye. She sued Amazon for strict product liability. Her claims were dismissed by the United States federal district court on summary judgment, finding that the third-party merchant rather ...

FTC Hits Facebook With an Unprecedented Fine for Privacy Violations and a Rigorous Order on Privacy Governance

Facebook was hit with a $5 billion fine, the largest penalty ever imposed on any company for violating consumer privacy, almost 20 times greater than the largest privacy or data security penalty ever imposed worldwide to date and one of the largest penalties ever assessed by the U.S. government for any violation.

The U.S. Federal Trade Commission (FTC ...