Verkada: Data Protection Issues
On Aug. 30, 2024, the Federal Trade Commission filed an agreed lawsuit against Verkada, Inc.1 The FTC makes several allegations in its complaint that range from failure to use appropriate information security practices to protect customers’ and consumers’ personal information collected through the company’s security cameras, making false statements regarding compliance with HIPAA and Privacy
About Consent Decrees
Last Friday, Aug. 30, 2024, the Federal Trade Commission filed a stipulated lawsuit against Verkada, Inc.1 The FTC makes several allegations in its complaint that range from failure to use appropriate information security practices to protect customers’ and consumers’ personal information collected through the company’s security cameras, making false statements regarding compliance with HIPAA and Privacy
Legitimate Interest is not just something you assert
Over the years, I’ve heard many excuses for not sending permission-based emails. One of the more creative excuses came from a sender in the EU who, with complete confidence, told me: “I don’t need consent! We have a legitimate interest in marketing our products!” The General Data Protection Regulation (GDPR) provides a legal basis for
Plaintiff in Hartley dismisses her case without prejudice
What Happened: On July 17, the judge dismissed the Plaintiff’s case for lack of standing, giving the Plaintiff 21 days to amend the complaint.1 Instead of filing an amended complaint, the Plaintiff dismissed the case entirely but can refile it later.2 Implications of the Dismissal: This dismissal without prejudice means the Plaintiff can refile the
Hartley thrown out: Good news for permission, bad news for spammers
Since December 2023, nationwide, around a dozen class action lawsuits have been filed in federal district courts alleging violations of the same Arizona statute.1 At least two cases (Hartley and Mills) have motions to dismiss with Hartley the first to be decided. This post will examine Hartley and its implications.23 What are these cases alleging?
“Forget Me!” Handling Data Deletion Requests as a Data Processor
People have more control over their personal information than ever before. Regulations like the GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and even the new TDPSA (Texas Data Privacy and Security Act) grant users the “right to erasure,” also known as the “right to be forgotten.” This means they can request that
Tulsi Gabbard performs a public service
Back in August of 2019, the Tulsi Gabbard campaign (“Tulsi Now, Inc.”) sued Google after Google temporarily suspended the campaign’s Adwords account after the first Democratic Presidential Candidate Debates (Marinucci & Strauss, 2019). Earlier this week, in a move that should have surprised absolutely no one, the judge in the case threw out the lawsuit
Oklahoma does … something?
On January 13, 2020, the Oklahoma House received a nonsense bill. Rep. Collin Walke, Oklahoma E-Mail Communication Content Privacy Protection Act, (2020). This bill is intended to “make it illegal for companies, like Google or Microsoft, that host email servers to glean information from users.” Collin Walke, Facebook Post, Facebook (2020), https://www.facebook.com/Walkefor87/posts/2657786940984444 (last visited Jan
US Supreme Court to consider TCPA case
https://www.supremecourt.gov/docket/docketfiles/html/public/19-631.html is the docket page for Barr, et al., v. American Association of Political Consultants, Inc., et al. This is a TCPA case involving automated calls with both the Petitioner and the Respondent in agreement as to what they feel the outcome should be. The favored result would probably gut the TCPA’s prohibition against the