On March 2, 2023, the Federal Trade Commission (FTC) announced that it had reached a $7.8 million settlement with mental health and online counseling platform, BetterHelp, Inc. (“BetterHelp”). The FTC alleged that BetterHelp shared consumers’ sensitive health data combined with other personal information (PI) with third party advertising platforms without first obtaining affirmative consent and allegedly contrary to certain privacy representations. The proposed order requires the company to pay $7.8 million in partial refunds to BetterHelp customers. This is the first time that the FTC has required a company to return money to its customers whose personal information was shared without consent. Going forward BetterHelp is not permitted to share sensitive health information and PI without obtaining affirmative consent from the patients and customers. BetterHelp is also required to overhaul its privacy program and request that any outside parties that received the consumers’ sensitive data delete such information.
Amid fresh fears about data protection, on November 14th, France’s data protection authority, the Commission Nationale de l’Informatique et des Libertes (CNIL) published a checklist of recommended actions travellers should take to secure phones, computers and tablets when travelling outside the European Union.