Jurisdiction

UK court dismisses privacy lawsuit against Google

Google has successfully defended itself against a revived privacy lawsuit in the UK concerning the transfer of patient data from the Royal Free London NHS Trust. The legal case, brought by patient Andrew Prismall on behalf of 1.6 million individuals, alleged that the data shared with Google’s AI division, DeepMind Technologies, was misused.

The Royal Free NHS Trust had transferred the data in 2015 to assist in developing an AI app designed to detect kidney injuries. Although Britain’s Information Commissioner’s Office ruled in 2017 that the data-sharing arrangement violated privacy laws, a subsequent lawsuit against Google and DeepMind was dismissed last year due to insufficient grounds.

On Wednesday, the Court of Appeal upheld this dismissal, rejecting Prismall’s attempt to challenge the earlier ruling. Google has not commented on the outcome, which closes a high-profile chapter in the debate over privacy and technology’s role in healthcare.

BeReal faces privacy complaint over tracking practices

BeReal, the selfie-sharing app acquired by French mobile games publisher Voodoo earlier this year, is under scrutiny for allegedly violating European data protection rules. A privacy complaint filed by Noyb, a European privacy rights organisation, accuses the app of using manipulative ‘dark patterns’ to coerce users into consenting to ad tracking, a tactic that may breach the General Data Protection Regulation (GDPR).

The controversy centres on a consent banner introduced in July 2024, which appears to offer users a straightforward choice to accept or refuse tracking. However, Noyb argues that users who decline tracking face daily pop-ups when they try to post, while those who consent are spared further interruptions. This practice, Noyb asserts, pressures users into compliance, undermining the GDPR’s requirement that consent be ‘freely given.’

The complaint has been filed with France’s data protection authority, CNIL, and demands that BeReal revise its consent process to comply with GDPR. It also calls for any improperly obtained data to be deleted and suggests a fine for the alleged violations. BeReal’s parent company, Voodoo, has yet to comment on the complaint.

This case highlights growing concerns over dark patterns in social media apps, with regulators emphasising the need for fair and transparent consent mechanisms in line with user privacy rights.

Samsung challenges India watchdog over data seizure

Samsung has filed a legal challenge against India‘s Competition Commission (CCI), accusing the watchdog of unlawfully detaining employees and seizing data during a 2022 raid connected to an antitrust investigation involving Amazon and Walmart-owned Flipkart. The CCI claims Samsung colluded with the e-commerce giants to launch products exclusively online, a practice it argues violates competition laws.

In its filing with the northern city of Chandigarh’s High Court, Samsung alleged that confidential data was improperly taken from its employees during the raid and requested the return of the material. Samsung has secured an injunction to pause the CCI’s proceedings but seeks a broader ruling to prevent the use of the seized data. The CCI, in turn, has asked the Supreme Court to consolidate similar challenges by Samsung and 22 other parties, arguing that companies are attempting to derail the investigation.

The case stems from findings earlier this year that Amazon, Flipkart, and smartphone companies like Samsung engaged in anti-competitive practices by favouring select sellers and using exclusive product launches. While Amazon and Flipkart deny wrongdoing, brick-and-mortar retailers have long criticised their pricing and market strategies. Samsung, a major smartphone brand in India with a 14% market share, maintains it was wrongly implicated and cooperated only as a third party in the investigation.

California court orders $5 Million in Ponzi scheme penalties

A California court has ordered five individuals to pay over $5 million for their roles in the IcomTech Ponzi scheme. Between 2018 and 2019, the scheme defrauded investors through a fake Bitcoin trading platform. IcomTech promised 100% returns every six weeks, ultimately misappropriating $8.4 million of victims’ funds.

The group, led by founder David Carmona, lured over 190 investors with lavish expos and false claims of wealth. The court found them guilty of violating the Commodity Exchange Act and Commodity Futures Trading Commission (CFTC) regulations. Each was fined $1 million and banned from trading in CFTC-regulated markets.

In addition to financial penalties, the individuals received prison sentences ranging from five to ten years. The CFTC emphasised the importance of protecting investors from such schemes, urging vigilance in the cryptocurrency sector.

Supreme Court declines Nvidia appeal in securities fraud case

The US Supreme Court has dismissed an appeal by Nvidia, rejecting its attempt to block a securities fraud lawsuit accusing the chipmaker of misleading investors about its reliance on the volatile cryptocurrency market. The decision upholds a lower court’s ruling, allowing a 2018 class-action lawsuit led by Swedish investment firm E. Ohman J:or Fonder AB to proceed. The justices, offering no explanation in their one-line order, had previously expressed hesitation about addressing the case’s technical and factual complexities during November arguments.

The lawsuit centres on allegations that Nvidia’s leadership, including CEO Jensen Huang, downplayed how much of the company’s 2017-2018 revenue growth stemmed from crypto-related purchases. Nvidia’s chips gained popularity during the cryptocurrency boom but faced a sales slump when the market cooled in late 2018, leading to a drop in the company’s stock price. A federal judge initially dismissed the case, but the Ninth Circuit Court of Appeals revived it, concluding that plaintiffs sufficiently alleged Nvidia knowingly made misleading statements.

Nvidia has denied wrongdoing and vowed to continue its defence, emphasising the need for clear standards in securities litigation to protect shareholders. However, the plaintiffs argue their case is well-supported by expert analysis and insider accounts. Deepak Gupta, representing the shareholders, called the Supreme Court’s dismissal a victory for corporate accountability. President Biden’s administration backed the investors, reflecting broader concerns about corporate transparency in securities practices.

This case mirrors another recent Supreme Court decision involving Meta, where justices also dismissed a securities fraud lawsuit. Both rulings highlight the challenges of navigating legal thresholds for investor class actions under stringent US securities laws.

Australian court fines Kraken operator $5.1 million

Australia‘s Federal Court has fined Bit Trade, the local operator of cryptocurrency exchange Kraken, A$8 million ($5.1 million) for unlawfully offering credit facilities to over 1,100 customers. The ruling came after the Australian Securities and Investments Commission (ASIC) filed civil proceedings against the company, accusing it of non-compliance with regulations for its margin trading product.

ASIC revealed that Bit Trade failed to assess whether its margin extensions—a form of credit repayable in digital assets like bitcoin or national currencies—were suitable for customers. This led to combined customer losses exceeding $5 million, while Bit Trade charged over $7 million in fees and interest. The court classified the margin extension product as a credit facility requiring a specific consumer suitability document, which the company had not provided.

In a statement, Kraken expressed disappointment, arguing the ruling could stifle economic growth in Australia. The exchange emphasised its willingness to work with regulators to shape the evolving cryptocurrency framework. The case marks a milestone for ASIC, as it is the first penalty imposed on a company for failing to provide a target market determination for a financial product.

Justice Department pushes for TikTok divestment

The US Justice Department has urged a federal appeals court to reject TikTok‘s emergency request to delay a law requiring its Chinese parent company, ByteDance, to divest from the app by 19 January or face a nationwide ban. TikTok argued the law threatens to shut down one of America’s most popular social media platforms, which boasts over 170 million US users, while the Justice Department maintains that continued Chinese ownership poses a national security risk.

While the law would not immediately block users from accessing TikTok, the Justice Department admitted the lack of ongoing support would eventually render the app inoperable. A three-judge appeals court panel recently upheld the divestment requirement, and ByteDance has asked the US Supreme Court to review the case.

The controversy places TikTok’s future in the hands of the incoming presidential administration. President Joe Biden could grant a 90-day extension to the divestment deadline before President-elect Donald Trump, who has vowed to prevent a ban, takes office on January 20. Trump’s stance on TikTok has been consistent since his unsuccessful attempts to ban the app during his first term.

The law also strengthens the US government’s powers to ban other foreign-owned apps over data security concerns, following a broader trend initiated under Trump, including an earlier attempt to block Tencent-owned WeChat. As legal battles continue, TikTok’s operations in the US hang in the balance.

Canada TikTok unit requests court review of shutdown orders

TikTok‘s Canadian branch has filed an emergency motion with the country’s Federal Court to review a government order requiring it to cease operations due to national security concerns. The company, owned by China’s ByteDance, is challenging the December 5 order and seeking either its annulment or a return to the government for further review. The motion argues that shutting down TikTok’s Canadian operations could result in significant job losses.

The legal challenge comes after Canada began investigating TikTok’s plans to expand its business in the country last year. The investigation led to last month’s order, which did not block Canadian access to the app but mandated the company’s exit from the Canadian market. TikTok emphasised the importance of maintaining a local presence for its platform in Canada, where it has over 14 million monthly users.

Under Canadian law, the government can assess foreign investments’ risks to national security, though details of the investigations are kept confidential. The case follows similar actions in the US, where the government has pressured ByteDance to sell TikTok’s US assets by January 2025 or face a ban. TikTok is currently seeking a temporary block on this US law as well.

EU reviews Microsoft 365 data compliance

The European Data Protection Supervisor (EDPS) is reviewing the European Commission‘s response to a March ruling that its use of Microsoft 365 violated the bloc’s data protection laws. Monday marked the deadline for the Commission to address the EDPS order to halt unlawful data flows and renegotiate its contracts with Microsoft.

On Tuesday, EDPS Wojciech Wiewiórowski confirmed receipt of the Commission’s report, emphasising the complexity of the case and hinting that a detailed analysis will take time. Both the Commission and Microsoft are appealing the EDPS decision, with related cases set to progress through the courts in 2025.

The outcome could have significant implications for the Commission’s use of tech platforms and broader data privacy enforcement in the EU. For now, all parties remain tight-lipped, extending the uncertainty over the resolution of this high-profile dispute.

Meta tax investigation concludes in Italy

Italian prosecutors have concluded an investigation into alleged tax evasion involving Facebook owner Meta, focusing on unpaid VAT worth €887.6 million. Two executives from the company’s Irish subsidiary are implicated in the case. This marks the final step before a potential trial unless the suspects can demonstrate their innocence.

The dispute centres on whether Meta’s provision of free access to platforms like Facebook and Instagram, in exchange for users’ personal data, qualifies as a taxable transaction. Italian tax police argue that user registrations represent a non-monetary exchange that should incur VAT. Meta disputes these claims, maintaining that it has met all tax obligations and cooperated fully with Italian authorities.

Italy’s Revenue Agency has supported the findings of an earlier police investigation, alleging Meta failed to declare €4 billion in taxable income between 2015 and 2021. Meta now has 60 days to address these observations, potentially leading to either a settlement or a judicial tax dispute.

The case, involving consultations with the European Commission’s VAT Committee, could set significant precedents for digital taxation. A final resolution remains pending, with Meta standing firm against the notion of applying VAT to user access.