Going Global Data Privacy & Protection Insights – Monthly Newsletter August 2019

HBS Attorney Analysis


German DPA Tackles Artificial Intelligence
By: Chase Langhorne, Esq.

Artificial Intelligence (“AI”) devices can make everyday life easier. They can tell us the temperature outside, set a timer, and even order a pizza; but what is happening to all of the data being collected by these devices? Think of everything an AI device hears in your living room while waiting for the designated wake up command…

Nevada’s New Privacy Law Goes Into Effect In October
By: Anthony Stewart, Esq.

Does your business have a website? If so, it will likely need to comply with yet another new online privacy law that goes into effect in a little over three short months. Nevada recently passed SB220, which amends its existing online privacy law and provides Nevada residents the ability, in certain circumstances, to opt-out of the sale of their “covered information” to third parties. It goes into effect on October 1, 2019.

Class Action Proceeds Against Facebook For Violation Of Illinois Biometric Information Privacy Act (“BIPA”)
By: Richard Sheinis, Esq.

The Ninth Circuit has ruled that a case against Facebook for violating the Illinois Biometric Information Privacy Act can proceed as a class action. The lawsuit stems out of Facebook’s “Tag Suggestions” feature. When a Facebook user enables the Tag Suggestions feature, Facebook uses facial recognition technology to analyze whether the user’s Facebook friends are in photos uploaded by the user.

Maine Enacts Internet Privacy Legislation To Go Into Effect Next Year
By: Anthony E. Stewart,Esq.

California and New York are not the only states making waves in the world of technology and privacy. Earlier this month, Governor Janet Mills of Maine signed into law one of the nation’s strictest internet privacy protection bills – An Act To Protect the Privacy of Online Customer Information.

EU Court Of Justice Rules Using Facebook’s “Like” Button Creates A Joint Data Controller Relationship
By: Richard Sheinis, Esq.

Fashion ID is an online retailer whose website used a plug-in to feature a Facebook “Like” button. As a result of the plug-in, when a user lands on Fashion ID’s website, information about the user’s IP address and browser string is automatically transferred to Facebook. This transfer of information occurs irrespective of whether the user has clicked the “Like” button, and whether or not the user even has a Facebook account.

Latest News and Headlines


Data Breaches

FBI Examining Possible Data Breaches Related to Capital One
The Wall Street Journal

FDNY EMS Notifies More Than 10,000 Patients of Possible Data Breach
NBC Channel 4 New York

Pearson data breach: details of hundreds of thousands of U.S. students hacked

Capital One data breach involves 100 million credit card applications

Russia’s Secret Intelligence Agency Hacked: ‘Largest Data Breach In Its History’

CafePress Hacked, 23M Accounts Compromised. Is Yours One Of Them?

Data Breach Alert: Over 1 Million Credit Card Data From The U.S., South Korea Have Been Leaked

Fines and Settlements

UK Fines Jump Since GDPR Implementation

EU Nears Decisions in Facebook Privacy Cases
The Wall Street Journal

French Regulator Says “Oui” to GDPR Fines for Under-Protected and Over-Retained Data
The National Law Review


United States

New York City might ban wireless companies from selling your location data
CNN Business

Richard Sheinis Earns Fellow Of Information Privacy Designation

Third Circuit Upends Settlement in Google Privacy Litigation

States battle big tech over data privacy laws
Herald & Review


North Korea reportedly stole $2B in wave of cyber attacks

NSW govt considers making data breach reporting mandatory

Marriott Takes $126 Million Charge Related to Data Breach
The Wall Street Journal

Most EU Cookie ‘Content’ Notices are Meaningless or Manipulative Study Finds

Researchers Show How Europe’s Data Protection Laws Can Dox People