In this week’s Privacy Tracker global legislative roundup, Twitter disclosed it has been under investigation by the U.S. Federal Trade Commission for possible privacy violations and could face a $250 million fine. Twenty separate federal lawsuits filed over the past year on behalf of TikTok Users in California and Illinois have been merged into one legal action, and in China, the Beijing Internet Court ruled against TikTok’s parent company in a case alleging misuse of user data.
THE LATEST
While enforcement of Maine’s online privacy law prohibiting internet service providers from selling or sharing customers’ information without their permission began Aug. 1, it remains unclear how providers will be held accountable, The Portland Press Herald reports.
More
Marriott International is moving to dismiss a class-action lawsuit filed in U.S. District Court in Maryland over improper access to customers’ personal information, Law Street Media reports.
More
In the U.K., Reuters reports the Information Commissioner’s Office is investigating Barclays and its employee tracking practices over allegations that the bank spied on staff.
More
APAC
The Beijing Internet Court ruled against Tencent Holdings and ByteDance, owner of Douyin and TikTok, in cases alleging misuse of user data, the South China Morning Post reports.
More
US
The National Biometric Information Privacy Act of 2020, introduced by U.S. Sens. Jeff Merkley, D-Ore., and Bernie Sanders, I-Vt., would prohibit private companies from collecting biometric information from consumers and employees without consent and give state attorneys general the power to bring lawsuits against non-compliant organizations.
More
A class-action lawsuit filed in the U.S. District for the Northern District of California claims Google employees “secretively” collected smartphone users’ “sensitive personal data” and information on non-Google apps, MediaPost reports.
More
Twenty separate federal lawsuits filed over the past year on behalf of TikTok users in California and Illinois have been merged into one legal action in the U.S. District Court for the Northern District of Illinois, NPR reports.
More
An Illinois woman filed a proposed class action in federal court in Chicago, claiming Macy’s use of Clearview AI facial recognition software violates the state’s Biometric Information Privacy Act, Bloomberg reports.
More
ENFORCEMENT
In Canada, Newfoundland and Labrador Information and Privacy Commissioner Michael Harvey said the Mount Pearl City Council’s handling of an employee harassment complaint violated the Access to Information and Protection of Privacy Act, CBC News reports.
More
Denmark’s data protection authority, Datatilsynet, fined PrivatBo DKK 150,000 for violating Article 32 of the EU General Data Protection Regulation, failing to have proper technical and security measures in place.
More
The French data protection authority, the Commission nationale de l’informatique et des libertés, issued a 250,000 euro fine against retailer Spartoo for violations of the EU General Data Protection Regulation.
More
Singapore’s Personal Data Protection Commission announced a slew of decisions on violations of the Personal Data Protection Act, including fines totaling $47,000, The Straits Times reports.
More
In the U.S., Capital One will pay an $80 million fine over its 2019 data breach that affected more than 100 million credit card applications, The Washington Post reports.
More
In a corporate filing with the U.S. Securities and Exchange Commission, Twitter disclosed it has been under investigation by the Federal Trade Commission since last October for possible privacy violations and could face a fine as high as $250 million.
More
In the U.K., British Airways expects the fine it faces from the Information Commissioner’s Office for alleged violations of the EU General Data Protection Regulation to be reduced from the original $230 million total, Compliance Week reports.
More
New Zealand’s Office of the Privacy Commissioner discussed the repercussions of a recent High Court decision that has forced some to question whether the definition of “personal information” has changed.
More
GUIDANCE
The U.S. Department of Labor’s Occupational Safety and Health Administration announced revisions to its regulation for access to employee medical records, including new safeguards for employees’ data held electronically.
More
