The Dutch Data Protection Authority (‘DP Authority’) launched an investigation into Microsoft’s data processing made via its Windows 10 operating system. The DP Authority published its report¹ on 13 October 2017, which found that Microsoft breaches the Dutch Data Protection Act (‘DDPA’) when processing the telemetry data of Windows 10 users. The report’s conclusion signifies the importance of default settings in the context of software updates and user consent requirements for cross-border data collection. / read more

The Spanish Data Protection Authority, following an investigation, has found that Facebook processes data, including sensitive data, for advertising purposes without obtaining adequate consent; it also found that Facebook does not delete users’ data when requested to do so or where the data becomes no longer relevant. The Spanish Data Protection Authority’s findings, and subsequent fine handed down to Facebook, represent the consequences of broader changes to how data processors are viewed within the EU. / read more

The European Commission fined Google €2.42 billion in June for breaching EU antitrust rules - this being by far the single highest fine in Europe to date - and ordered Google to end the illegal conduct within 90 days or face penalty payments of up to 5% of the average daily worldwide turnover of Alphabet, Google’s parent company. / read more

A recent UK High Court decision saw a private investigation firm forced to comply with a subject access request (‘SAR’) made under the Data Protection Act 1998 (‘DPA’). / read more

Following a seven-month investigation, on 19 December 2014, the Italian Competition Authority (‘ICA’) held US travel website TripAdvisor LLC and its Italian subsidiary, TripAdvisor Italy S.r.l. (‘TripAdvisor’), jointly and severally liable for publishing misleading information about reviews and ordered them to pay a fine of €500,000. / read more

The CAT for the first time overturned a decision by the then OFT, in an investigation into the terms on which rooms were sold in hotels through online travel agents. The CAT’s ruling could reopen questions as to the legality of such arrangements in the UK. / read more

Following an investigation into an advert for a ‘freemium’ game, the UK’s Advertising Standards Authority found that Electronic Arts’ app Dungeon Keeper had breached the misleading advertising components of the CAP code, principally in regard to a lack of clarity in the advert as to the role of in-app purchasing in speeding up gameplay. / read more

Canada’s Office of the Privacy Commissioner issued a Report of Findings in January on an investigation into a complaint, alleging that health information collected from the complainant’s online browsing activity was used to deliver targeted ads without his consent, which resulted in Google making a number of commitments. / read more

The SEC issued guidance that disclosures of material non-public information through social media can satisfy Regulation FD, but issuers should consider the unique characteristics of social media in applying the SEC analytical framework. / read more

The International Trade Commission has seen a significant increase in intellectual property litigation investigations, particularly concerning cases involving infringing goods being imported into the US. / read more