fbpx

Download free GDPR compliance checklist!

Category Archives for "Court cases"

Privacy Debated in Fight Over Google Chrome Browser History Tracking

The plaintiffs in the class action claim they signed up for Chrome because Google explicitly said they would not have their browsing history sent to Google unless they decided to “sync” the browser with their account.

Despite these assurances, Chrome tracked their web browsing and sent it to Google, in violation of federal law and the newly minted California Consumer Privacy Act.

Google attorney Andrew Schapiro said plaintiffs had misconstrued the issue, saying that each of the plaintiffs was notified their web browsing history would be tracked when they agreed to the terms of service.

The attorney for Google also said the plaintiffs misunderstand how the advertising tracking component of the company works, because it tracks web browsing based on the website not on the browser.

Source: Privacy Debated in Fight Over Google Chrome Browser History Tracking – Courthouse News Service

A New Day for GDPR Damages Claims in Germany?

Until now, damages claims awarded by German courts pursuant to Article 82 of the General Data Protection Regulation (GDPR) – in particular, claims for non-material damages – have been relatively low. However, a more recent decision issued by the Federal Constitutional Court indicates that views in Germany may be evolving on this topic, and courts may soon be willing to entertain higher damages claims.

In a case decided in January 2021, Germany’s Federal Constitutional Court held that the issue of whether or not (and if so, the extent to which) a damages claim brought pursuant to Article 82 GDPR is subject to certain evidentiary requirements must be decided under European law and – if necessary – clarified by the Court of Justice of the European Union (CJEU).

If the CJEU continues to follow its data protection-friendly line of reasoning and pursue effective enforcement of data protection law, damages claims pursuant to Article 82 GDPR and legal proceedings based on such claims may become the new norm and much more important in the future.

Source: A New Day for GDPR Damages Claims in Germany? | Inside Privacy

Judge Approves Historic $650M Facebook Privacy Settlement

More than 1.5 million Illinois Facebook users will receive at least $345 each under the terms of the landmark deal.

A federal judge gave his final blessing Friday to a $650 million deal to resolve claims that Facebook illegally collected and stored users’ facial data without consent, making it one of the largest privacy-related settlements in U.S. history.

The approval comes more than five years after lead plaintiff Nimesh Patel sued Facebook in one of three consolidated class actions in 2015, claiming the social network started mapping users’ faces for its “Photo Tag Suggest” function in 2011.

The plaintiffs say Facebook did so without their permission and failed to inform them how long their data would be stored as required by the Illinois Biometric Information Privacy Act of 2008.

Source: Judge Approves Historic $650M Facebook Privacy Settlement – Courthouse News Service

TikTok owner ByteDance to pay US privacy settlement

TikTok’s Chinese parent company ByteDance has agreed to pay 92 million dollars in a settlement to US users who are part of a class-action lawsuit alleging the video-sharing app failed to gain their consent to collect data in violation of a strict Illinois privacy law.

The federal lawsuit alleged TikTok broke the Illinois biometric privacy law, which allows suits against companies that harvest consumer data without consent, including via facial and fingerprint scanning.

Source: TikTok owner ByteDance to pay US privacy settlement – Independent.ie

Deutsche Wohnen fine now declared invalid by a German court

There has been a big bang in the data protection world in Berlin as the first and most spectacular GDPR fine in Germany has just been declared invalid.

The Berlin Commissioner for Data Protection for Freedom of Information  issued a EUR 14.5 million fine against a German real estate company, die Deutsche Wohnen SE.

The Regional Court (Landgericht) of Berlin has now declared this fine invalid and closed the proceedings. The Berlin DPA will ask the public prosecutor’s office to appeal the Court’s decision and escalate the case to the next instance.

Source: Deutsche Wohnen fine now declared invalid by a German court

CJEU fines Spain €15 million for failure to implement Data Protection Law Enforcement Directive

The Court of Justice of the European Union (CJEU) ordered Spain to pay the European Commission 15.5 million euros and a potential daily fine thereafter for failing to transpose the Data Protection Law Enforcement Directive (Directive (EU) 2016/680).

On top of the €15 million fine Spain will have to pay a daily penalty payment of € 89 000 for each day of delay on transposition following the CJEU’s judgment.

Source: CJEU press release

Federal Constitutional Court: CJEU must clarify whether GDPR provides materiality threshold

The German Federal Constitutional Court has ruled the Court of Justice of the European Union needs to clarify if the EU General Data Protection Regulation provides for a materiality threshold for GDPR damage claims.

The Federal Constitutional Court’s decision overturns a judgment of the Goslar Local Court of Sept. 27, 2019, regarding the unlawful sending of an advertising email. The Local Court had held that the plaintiff had not suffered any compensable damage under Article 82 of the GDPR. The damage suffered by the plaintiff had not exceeded the materiality threshold in this matter.

The plaintiff subsequently filed a constitutional complaint with the Federal Constitutional Court, arguing the Local Court should have made a submission to the CJEU for a preliminary ruling under Article 267 of the Treaty of the European Union.

Source: Federal Constitutional Court: CJEU must clarify whether GDPR provides materiality threshold

Google challenges French data watchdog’s €100 million fine in court

France’s administrative court known as the Council of State considered on Thursday an application for interim measures filed by Google LLC and Google Ireland after the French Data Protection Authority known as the CNIL fined the digital giant €100 million last December for its cookie collection policy.

In its deliberation of 7 December 2020, the French data protection authority (CNIL) accused the US giant, whose European headquarters are based in Dublin, of contravening the law on information technology, files, and freedoms.

For its part, Google has appealed to the one-stop-shop mechanism provided for in the General Data Protection Regulation (GDPR) which, in its view, requires it to report on data protection matters only to the corresponding authority in the country in which it is based, namely Ireland.

Source: Google challenges French data watchdog’s €100 million fine in court – EURACTIV.com

1st Circuit Upholds Border Searches of Phones and Laptops

Border agents can turn on a U.S. citizen’s laptop, phone or other digital device, scroll through the data and then confiscate it for weeks even if they don’t have any reason to suspect that the owner is guilty of a crime, the First Circuit ruled Wednesday.

“Given the volume of travelers passing through our nation’s borders, warrantless electronic device searches are essential to … adequately protect the border,” the Boston-based court said in a decision. Requiring suspicion of wrongdoing “would hamstring the agencies’ efforts to prevent border-related crime and protect this country from national security threats.”

Source: 1st Circuit Upholds Border Searches of Phones and Laptops – Courthouse News Service

Facebook faces new UK class action after data harvesting scandal

Facebook is facing a second London High Court class action over allegations it failed to protect the personal details of about one million people in England and Wales, in the latest lawsuit to spring from a scandal over data harvesting.

Journalist and writer Peter Jukes said on Tuesday he had filed a lawsuit for unspecified but “substantial” damages three years after the social media giant was fined in Britain over how third-party app “This Is Your Digital Life” gathered Facebook users’ data without consent between 2013 and 2015.

The lawsuit is the second to allege Facebook allowed third-party apps to harvest the data of friends without their permission or knowledge. Litigation firm Milberg London, which is advising on a similar claim filed last October, said it was surprised to hear about the rival lawsuit.

Source: Facebook faces new UK class action after data harvesting scandal | Reuters

1 2 3 42
>