California AG Settlement Suggests Privacy and Security Practices of Digital Health Apps May Provide Fertile Ground for Enforcement Activity
Libbie Canter, Anna D. Kraus, and Rebecca Yergin of Covington & Burling write:
California Attorney General Xavier Becerra (“AG”) announced in September a settlement against Glow, Inc., resolving allegations that the fertility app had “expose[d] millions of women’s personal and medical information.” In the complaint, the AG alleged violations of certain state consumer protection and privacy laws, stemming from privacy and security “failures” in Glow’s mobile application (the “Glow App”). The settlement, which remains subject to court approval, requires Glow to comply with relevant consumer protection and privacy laws (including California’s medical privacy law), mandates “a first-ever injunctive term that requires Glow to consider how privacy or security lapses may uniquely impact women,” and imposes a $250,000 civil penalty.
Read more on InsidePrivacy.