Kirk Nahra

Kirk Nahra

WilmerHale

Contact

Readers' Choice Awards

Data Privacy
Data Privacy
Data Privacy
View Bio
RSS

Latest Posts › Enforcement Actions

Share:

FTC Announces Enforcement Action Against Microsoft Over COPPA Violations

On June 5th, the Federal Trade Commission (FTC) announced a settlement with Microsoft over alleged violations of the Children’s Online Privacy Protection Act (COPPA) for its data practices involving its Xbox live product. ...more

6/21/2023  /  Amazon , Compliance , COPPA , Data Collection , Data Retention , Enforcement Actions , Federal Trade Commission (FTC) , Microsoft , Minors , Parental Consent , Personal Information , Popular , Xbox

FTC Proposes Changes to Clarify the Health Breach Notification Rule’s Applicability to Health Apps and Other Evolving Technologies

On May 18, the Federal Trade Commission (FTC) proposed changes to the Health Breach Notification Rule (the HBNR or the Rule), including clarifying the rule’s applicability to health apps and other similar technologies. These...more

6/9/2023  /  Comment Period , Digital Health , Enforcement Actions , Federal Trade Commission (FTC) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Breach Notification Rule , Mobile Health Apps , PHI , Proposed Amendments

FTC Brings Second Enforcement Action Against Healthcare Company for Violating the Health Breach Notification Rule

On May 17, 2023, the Federal Trade Commission (the “FTC”) reached a settlement with Easy Healthcare Corporation (“Easy Healthcare”), for its fertility-tracking app, Premom. The agency alleged that Easy Healthcare failed to...more

5/25/2023  /  Corporate Counsel , Data Privacy , Data Security , Data-Sharing , Electronic Protected Health Information (ePHI) , Enforcement Actions , Federal Trade Commission (FTC) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Breach Notification Rule , Mobile Apps , Mobile Health Apps , PHI , Policy Statement , Risk Mitigation

SEC Reaches Settlement with Blackbaud Over Inadequate Disclosure Controls

On March 9, 2023, the Securities and Exchange Commission (SEC) reached a settlement with Blackbaud – a client relationship management (CRM) service provider for nonprofits – over allegations that Blackbaud (i) made materially...more

3/16/2023  /  Disclosure Requirements , Enforcement Actions , Material Misstatements , Ransomware , Securities and Exchange Commission (SEC) , Settlement

FTC Continues Enforcement Focus on the Use and Disclosure of Health Information for Advertising

On Thursday, March 2, the FTC announced an enforcement action against BetterHelp, Inc., an online mental health counseling service, relating to claims that the company’s collection and use of consumer health data were unfair...more

3/8/2023  /  Advertising , Data Breach , Data Privacy , Enforcement Actions , Enforcement Authority , Enforcement Priorities , Federal Trade Commission (FTC) , FTC Act , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , LGBTQ , Mental Health , Pharmacies , Section 5 , Settlement , Telehealth , Unfair or Deceptive Trade Practices

Attorneys General Bring Multistate Data Breach Settlement Against DNA Testing Lab

On February 17, 2023, the state attorneys general of Pennsylvania and Ohio reached a settlement with Ohio-based DNA Diagnostics Center (“DDC”) for a 2021 data breach that affected 2.1 million individuals nationwide and...more

2/23/2023  /  Clinical Laboratories , Cybersecurity , Data Breach , Electronic Protected Health Information (ePHI) , Enforcement Actions , Federal Trade Commission (FTC) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Laboratories , Material Misstatements , PHI , Settlement , State Attorneys General , Statutory Violations

FTC Brings First of its Kind Enforcement Action against GoodRx for Violating the Health Breach Notification Rule

On February 1, 2023, the Federal Trade Commission (FTC) reached a settlement with digital health platform GoodRx for sharing users’ personal health information with third parties without properly disclosing their data...more

2/6/2023  /  Enforcement Actions , Federal Trade Commission (FTC) , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Breach Notification Rule , Pharmacies , PHI , Policies and Procedures , Risk Management

Settlement with Epic Games Highlights Continued Focus by Regulators on Unfair Privacy Practices, Teens, and User Interface Design

On December 19, the Federal Trade Commission (FTC) reached two separate record-breaking settlements with Epic Games, Inc. (“Epic”) over allegations, among others, that the Fortnite video game maker knowingly violated the...more

12/28/2022  /  Children's Online Games , Consent Order , COPPA , Enforcement Actions , Federal Trade Commission (FTC) , FTC Act , Online Gaming , Settlement , Unfair or Deceptive Trade Practices , Website Design

CA AG Announces First Public CCPA Enforcement Decision

On August 24, 2022, California Attorney General Rob Bonta (“CA AG”) announced a $1.2 million settlement with Sephora, Inc. (“Sephora”), marking the first announced enforcement action under the California Consumer Privacy Act...more

8/26/2022  /  California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Customer-Loyalty Programs , Disclosure Requirements , Enforcement Actions , Opt-Outs , Retailers , Settlement , State Attorneys General , Statutory Violations

$8 Million Multistate Settlement Resolves 2019 Data Breach Investigation

State Attorneys General settle with Wawa, Inc. for 2019 data breach that compromised approximately 34 million payment cards used by consumers. On July 26, 2022, Acting New Jersey Attorney General Matthew J. Platkin...more

8/11/2022  /  Credit Cards , Data Breach , Data Security , Enforcement Actions , Hackers , PCI-DSS Standard , Sensitive Personal Information , Settlement , State Attorneys General

EDPB Adopts Guidelines on Calculation of GDPR Fines and on Facial Recognition Technology in Law Enforcement

On May 16, 2022, the European Data Protection Board (EDPB), the independent body of data protection supervisors that promotes consistent data protection rules and application thereof throughout the European Union (EU),...more

5/31/2022  /  Artificial Intelligence , Biometric Information , Corporate Counsel , Corporate Fines , Data Protection Authority , Enforcement Actions , EU , European Data Protection Board (EDPB) , Facial Recognition Technology , General Data Protection Regulation (GDPR) , Law Enforcement , New Guidance , Personal Data , Right to Privacy

FTC Settles With Weight Loss Company Over Children’s Data

The Federal Trade Commission (FTC) reached a settlement with WW International Inc., formerly known as Weight Watchers (WW), over allegations that the company collected children’s information without parental consent in...more

3/10/2022  /  Algorithms , Civil Monetary Penalty , COPPA , Data Collection , Department of Justice (DOJ) , Enforcement Actions , Federal Trade Commission (FTC) , Parental Consent , Settlement , Websites

FTC’s Settlement with MoviePass Highlights Expanded Use of Consumer Protection Rules

On June 7, 2021, the Federal Trade Commission (FTC) announced a settlement with MoviePass relating to allegations that MoviePass and its executives took steps to block subscribers from using the service as advertised, and...more

6/11/2021  /  Consent Order , Corporate Counsel , Enforcement Actions , Federal Trade Commission (FTC) , FTC Act , Personal Data , Settlement

Fifth Circuit Issues Landmark HIPAA Decision That Will Impact Future OCR Investigations

On January 15, 2021, the Fifth Circuit vacated a $4.3 million penalty that the Office of Civil Rights (OCR) at the Department of Health and Human Services (HHS) had issued against the University of Texas M.D. Anderson Cancer...more

1/20/2021  /  Covered Entities , Data Breach , Department of Health and Human Services (HHS) , Enforcement Actions , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , OCR , PHI

California Settles with Glow App Over Alleged Privacy and Security Violations

In September, the California Attorney General (the “AG”) reached a settlement with Glow, Inc. (“Glow”), a technology company that is responsible for an ovulation and fertility-tracking mobile application called the Glow app....more

9/30/2020  /  CMIA , Corporate Counsel , Enforcement Actions , False Advertising , Mobile App Privacy Guidelines , Mobile Apps , Security and Privacy Controls , Settlement , State Attorneys General , Unfair Competition Law (UCL)

New FTC Data Security Order Shows Trend in Increased Accountability for Data Security Post-Order

On June 12, 2019 Lightyear Dealer Technologies LLC, a company that provides data storage for many of the nation’s largest auto dealers, stipulated to an Order with the Federal Trade Commission (FTC) resulting from a 2016 data...more

6/17/2019  /  Assessment , Compliance , Consent Order , Corporate Executives , Data Breach , Data Security , Data Storage , Data Storage Providers , Enforcement Actions , Federal Trade Commission (FTC) , Injunctive Relief , Popular , Section 5 , Settlement , Stipulated Judgment , Third-Party
41 Results
 / 
View per page
« Previous
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide