Russell Myers reports: A hospital worker at the private clinic where the Princess of Wales had abdominal surgery is set to face a criminal prosecution following an investigation into claims that the Princess’ medical records had allegedly been accessed by staff in 2024, it is understood. A total of three trusted employees, who worked at The...

Greg Bensinger reports: Amazon was sued on Monday by a Virginia resident over what he said were privacy violations after the company’s Ring doorbell cameras at friends and ​family members’ homes collected and stored images of his face using facial recognition ‌software. The plaintiff, Charles Sigwalt, who is seeking class-action status, sued Amazon in federal...

A May 21, 2026 press release from Texas Attorney General Ken Paxton: Attorney General Ken Paxton filed suit against Meta Platforms Inc. and WhatsApp LLC (collectively “WhatsApp”) after the company misled consumers regarding the strength and scope of its privacy protections for its messaging app, WhatsApp. WhatsApp is widely marketed as a secure messaging service...

Tech companies like Google, Facebook and Microsoft are ignoring data controls mandated under California law, researchers say. By: Colin Lecher A new audit has found that websites across the internet may be failing to abide by California privacy law, ignoring a requirement to not track visitors who set a privacy control. The report, from researchers...

Steve Alder reports: Tempus AI, a publicly traded healthcare artificial intelligence company, is facing multiple class action lawsuits over the alleged unauthorized collection and disclosure of genetic testing results, which were derived from genetic testing by Ambry Genetics Corporation (Ambry Genetics). Tempus AI used Ambry Genetics’ genetic database to train its AI models. Tempus AI...

Margaret Attridge reports: A federal judge Thursday indicated he would grant preliminary approval to a proposed $56 million class action settlement over a lawsuit that accused period tracking app Flo of sharing users’ highly sensitive information with third parties, including Google. “I have to get rid of this thing. No one has gotten paid. This...

There seem to be more news stories about data protection out of Kenya recently. This one appeared on CapitalFM: The Office of the Data Protection Commissioner (ODPC) has found St Luke’s Orthopaedic and Trauma Hospital liable for unlawfully disclosing a patient’s sensitive medical information and ordered it to pay Sh525,000 in compensation. In a ruling...

Cyrus Farivar reports: Several Californians sued Sutter Health and MemorialCare this week over allegations that an AI transcription tool was used to record them without their consent, in violation of state and federal law. The proposed class-action lawsuit, filed on Wednesday in federal court in San Francisco, states that, within the past six months, the plaintiffs received...

The Standard reports: A medical intern at Princess Margaret Hospital has been suspended after allegedly posting photos containing patients’ information on a personal social media account, the Hospital Authority (HA) announced. The incident came to light after a complaint was filed on Friday, prompting the hospital to launch an immediate investigation. A spokesperson for the...

Odia Kagan of FoxRothschild writes: The Italian Data Protection Authority (Garante) recently fined online classifieds platform Bakeca S.r.l. after an unknown user published two ads, including an explicit offer for sex work, listing the phone number of a person who had nothing to do with the ads and never consented to their publication. The decision,...

Odia Kagan of FoxRothschild writes: A new federal court decision denied a motion to dismiss in a case alleging Federal Electronic Communications Privacy Act (ECPA) claims arising from the sharing of health information through a website’s online tracking technology. What does this case teach and what should healthcare companies be doing about it? Recap of...

Colin Woods reports: The Massachusetts Department of Public Health last month settled a class-action lawsuit by a handful of Android users who claimed that the state had worked with Google to automatically install a COVID-19 contact-tracing app on their phones, and the phones of more than one million others, tracking their locations and transmitting their...

Top Class Actions reports: Google agreed to a $135 million class action settlement to resolve claims that it used Android devices to transfer information to Google without user permission, consuming cellular data. The Google class action settlement benefits consumers who have used mobile devices running the Android operating system to access the internet through cellular...

Aaron Graf of  Amundsen Davis LLC writes: Under Wisconsin law, employees must first be the victim of identity theft or other concrete, imminent harm to have standing to sue employer for data breach. Mere risk of future data misuse is not enough to establish standing. […] A recent Wisconsin Court of Appeals decision, though unpublished,...

Sergiu Gatlan reports: The U.S. Federal Bureau of Investigation (FBI) warned Americans against using foreign-developed mobile applications, particularly those created by Chinese developers. In a public service announcement (PSA) issued via its Internet Crime Complaint Center (IC3) platform this Tuesday, the FBI warned of privacy and data security risks associated with these apps. “As of...

The Federal Trade Commission is taking action against OkCupid and its affiliate Match Group Americas over allegations OkCupid deceived users of its dating app by sharing their personal information, including photos and location information, with an unrelated third party, contrary to OkCupid’s privacy promises. As part of a settlement, OkCupid, operated by Dallas-based Humor Rainbow,...

Did you sign up for the new White House app? Don’t use it until you read this, because it puts your privacy and data security at risk. Patrick Quirk takes an impressive technical piece and distills it for those of us who are not developers or coders. His article is based on original research by...

Jonathan Bilyk reports: Class action lawsuits are uploading into federal court against Facebook- and Instagram-parent company Meta and eyewear maker Luxottica and other companies associated with the development of Meta AI Glasses, accusing the companies of allegedly violating federal and California laws by allegedly surreptitiously recording users’ surroundings and then using that information to train...

A press release issued on March 17 by the Office of the Privacy Commissioner of Canada: The World Anti-Doping Agency (WADA) has committed to implementing measures to help ensure that international sport federations and other anti-doping organizations do not use highly sensitive personal information collected from athletes and that is under WADA’s control for purposes other...

Hunton Andrews Kurth writes: On March 3, 2026, the California Privacy Protection Agency (“CalPrivacy”) announced its first California Consumer Privacy Act (“CCPA”) enforcement action involving student privacy, requiring 2080 Media, Inc., d/b/a PlayOn Sports (“PlayOn”), to pay a $1.10 million fine for alleged violations of the CCPA in a stipulated order. PlayOn is a media and technology company...