Legal Library: Cases and Proceedings

The FTC finalized an order requiring Marriott and Starwood to settle charges they failed to implement reasonable data security, which led to data breaches.

The FTC reached a settlement with 1Health.io over allegations that it left sensitive genetic and health data unsecured, deceived consumers about their ability to get their data deleted and changed its privacy policy retroactively without adequately notifying and obtaining consent from consumers whose data the company had already collected.

The Federal Trade Commission filed a lawsuit against data broker Kochava Inc. for selling geolocation data from hundreds of millions of mobile devices that can be used to trace the movements of individuals to and from sensitive locations. Kochava’s data can reveal people’s visits to reproductive health clinics, places of worship, homeless and domestic violence shelters, and addiction recovery facilities. The FTC alleges that by selling data tracking people, Kochava is enabling others to identify individuals and exposing them to threats of stigma, stalking, discrimination, job loss, and even physical violence. The FTC’s lawsuit seeks to halt Kochava’s sale of sensitive geolocation data and require the company to delete the sensitive geolocation information it has collected.

The FTC has taken action against NGL Labs, LLC and two of its co-founders, Raj Vir and Joao Figueiredo, for a host of law violations related to their anonymous messaging app, including unfairly marketing the service to children and teens.

The FTC has taken action against an alcohol addiction treatment service for allegedly disclosing users’ personal health data to third-party advertising platforms, including Meta and Google, for advertising without consumer consent, after promising to keep such information confidential.

Cerebral, Inc. has agreed to an order that, will restrict how the company can use or disclose sensitive consumer data and require it to provide consumers with a simple way to cancel services to settle FTC charges that the telehealth firm failed to secure and protect sensitive health data.

Blackbaud, Inc. will be required to delete personal data that it doesn’t need to retain as part of a settlement with the FTC over charges that the company’s lax security allowed a hacker to breach the company’s network and access the personal data of millions of consumers including Social Security and bank account numbers.

The Federal Trade Commission has issued a proposed order to settle charges that online counseling service BetterHelp revealed consumers’ sensitive data with third parties such as Facebook and Snapchat for advertising after promising to keep such data private.

InMarket Media will be prohibited from selling or licensing any precise location data to settle Federal Trade Commission charges that the company did not fully inform consumers and obtain their consent before collecting and using their location data for advertising and marketing.

The FTC  charged Ring with compromising its customers’ privacy by allowing any employee or contractor to access consumers’ private videos and by failing to implement basic privacy and security protections, enabling hackers to take control of consumers’ accounts, cameras, and videos.