Blog
TikTok faces latest class action over pixel tracking
June 5, 2023
Want to receive these weekly privacy recaps in your inbox? Sign up for our privacy newsletter, A Little Privacy, Please.
United States
Texas Privacy Bill Sent to Governor
Texas HB 4, implementing the Texas Data Privacy and Security Act, was unanimously passed by both chambers, sending the bill to the Governor for signature.
TAKEAWAY
The Texas bill borrows several elements from existing privacy laws and also contains some unique elements.
For example, requirements for sensitive data are dictated based on the size of the company: large companies must obtain opt-in consent for all processing of sensitive data, while small companies must only obtain consent for the sale of sensitive data.
The Texas bill also requires specific language (“NOTICE: we may sell your [sensitive personal data / biometric personal data]”) be disclosed with the privacy notice, where applicable.
Finally, although opt-out preference signals must be recognized under the bill, Texas includes some exceptions absent in the other laws, including if a company “does not possess the ability to process the request”. Texas would be the fifth state (after California, Colorado, Connecticut and Montana) to require such recognition of opt-out preference signals.
TikTok Receives Class Action Over Pixel Tracking on Unaffiliated Properties
A class action lawsuit was filed against TikTok in the Central District of California, alleging various California statutory, common law and constitutional claims based on TikTok’s collection and use of ad event information, IP address, and cookie information from users of third-party properties that install the TikTok SDK.
According to the complaint, a multitude of users of the third-party properties were not TikTok users and never consented to or had any notice of TikTok’s interception and collection of the users’ data.
TAKEAWAY
This case relies, in part, on the anti-wiretapping provisions of the California Invasion of Privacy Act, which imposes liability for reading the contents of a communication while in transit without consent of all parties to the communication.
Class action lawsuits under various state anti-wiretapping laws and the Federal Wiretap Act have been surging in recent years, targeting both third-party providers of tracking software and first parties who incorporate first or third-party trackers on their owned and operated properties.
For more coverage, read our previous post about the ruling against adtech company Navistone on this blog and the recent announcement of an investigation of trackers on starbucks.com.
Europe
Irish DPC Proposes Microsoft Fine For LinkedIn Targeted Advertising
Microsoft announced that it received a non-public Preliminary Draft Decision from the Irish Data Protection Commission, proposing a fine of approximately $425 million based on allegations that LinkedIn’s targeted advertising practices violated the GDPR.
Microsoft said it will dispute the legal basis for the decision and amount of the fine.
NEXT STEPS
This announcement comes shortly after the French Data Protection Authority (CNIL) announced its closure of a case against Microsoft for alleged privacy violations related to ad fraud tracking on bing.com without user consent.
The nature of the alleged violations on LinkedIn were not publicly disclosed.
Want more of the privacy highlights that matter to adtech and martech? Sign up for our privacy newsletter, A Little Privacy, Please.
A Little Privacy, Please weekly recaps are provided for general, informational purposes only, do not constitute legal advice, and should not be relied upon for legal decision-making. Please consult an attorney to determine how legal updates may impact you or your business.
Latest Blog Posts
New Privacy Requirements Took Effect October 1 In Three States
October 7, 2024New Privacy Requirements Took Effect In Montana, Maryland &...
[WEBINAR] Consent is not enough: Protecting against new U.S. privacy litigation risks
October 2, 2024Join Sourcepoint and privacy litigation expert Matthew Pearson, Partner...
How Haymarket Uses Sourcepoint to Manage Vendor Compliance
October 1, 2024Haymarket sought to elevate their level of compliance by...
Latest White Papers
E-book: Enterprise Guide To Cookie management & Tracker List Curation
July 1, 2024How to review the tracking tech on your websites...
Benchmark Report: US Privacy Compliance
August 19, 2022The current state of publisher compliance with CCPA, and...
Keep in touch
Sign up for our newsletter to keep up with privacy news for adtech and martech,
plus occasional company news.