Common Sense released an online tool for consumers to exercise rights under the California Consumer Privacy Act. The website, revealed Wednesday, links to privacy pages of thousands of major companies.

The Supreme Court denied Facebook certiorari Tuesday in a class-action lawsuit claiming its face-scanning technology violates Illinois privacy law. TechFreedom and Consumer Data Industry Association urged the court to strike down the suit, in Facebook v. Nimesh Patel et al., No. 19-706 (see 2001060012). The company declined to comment.

The FTC unanimously finalized settlements with five companies over allegations they falsely claimed certification under the EU-U.S. Privacy Shield framework (see 1909030063), the agency said Thursday. The FTC alleged DCR Workforce, Thru, LotaData and 214 Technologies didn’t have PS certification, as claimed. It alleged LotaData falsely claimed Swiss-U.S. PS certification. EmpiriStat allowed its certification to lapse, failed to verify annually that statements about its PS practices were accurate, and didn’t affirm it would continue to apply PS protections to personal information collected while participating in the program, the commission alleged. “All five companies are prohibited from misrepresenting their participation in the EU-U.S. Privacy Shield framework, any other privacy or data security program sponsored by the government, or any self-regulatory or standard-setting organization,” the FTC said. EmpiriStat must apply protections to personal information it collected while participating in the program, or return or delete the information.

Senate Judiciary Committee witnesses for Tuesday’s hearing on encryption, privacy and public safety are Manhattan District Attorney Cyrus Vance (D); Matt Tait, University of Texas School of Public Affairs cybersecurity fellow; Erik Neuenschwander, Apple user privacy manager; and Jay Sullivan, Facebook product management director-privacy and integrity in Messenger. The hearing is 10 a.m., 226 Dirksen.

Cambridge Analytica “engaged in deceptive practices to harvest personal information from tens of millions of Facebook users for voter profiling and targeting,” the FTC said in a 5-0 opinion Friday. The bankrupt consulting firm engaged in deceptive practices involving EU-U.S. Privacy Shield participation. The company is barred from misrepresenting itself again, the agency said. A July complaint alleged Cambridge Analytica and then-CEO Alexander Nix and app developer Aleksandr Kogan deceived consumers. The individuals agreed to settle, while the company didn't respond, the commission said now. The company didn't respond to request for comment.

Be transparent when using facial recognition technology, specifically in collecting and using data, said the U.S. Chamber of Commerce Thursday. Other recommendations include: protect privacy and personal data; promote beneficial uses while mitigating risks; risk-based regulation; and establish a national regulatory framework.

Ad-tech companies must obtain opt-in consent for use of sensor data for tailored ads, the Network Advertising Initiative said Monday in 2020 privacy guidance. NAI, a self-regulatory body, issued prior opt-in mandates for the use of precise location data, sensitive data and personal directory data for internet-based ads. The 2020 code expands the mandate to include sensor data, which refers to data gathered from a physical environment.

Many consumers “are familiar with the most blatant privacy-invasive potential of their devices,” reported the Electronic Frontier Foundation Monday. “Every smartphone is a pocket-sized GPS tracker, constantly broadcasting its location to parties unknown.” But these better known “surveillance channels” aren't “the most threatening to our privacy,” said EFF. “The unsettling truth is that although Facebook doesn’t listen to you through your phone, that’s just because it doesn’t need to. The most prevalent threat to our privacy is the slow, steady, relentless accumulation of relatively mundane data points about how we live our lives.” Trackers can “assemble data about our clicks, impressions, taps, and movement” and convert them “into sprawling behavioral profiles,” said EFF.

Congress should investigate Amazon privacy concerns and have executives from the company and Ring testify about “surveillance,” more than 15 groups wrote Monday. Fight for the Future, Color of Change, Demand Progress and Media Alliance signed. The groups urged Congress to question Amazon Ring CEO Jamie Siminoff about “business practices and the threats their nationwide surveillance network pose.” Amazon didn’t comment.

The Senate Judiciary Tech Task Force meets 4 p.m. Thursday to discuss ethical uses of consumer data, co-Chair Marsha Blackburn, R-Tenn., told us Wednesday. Panelists are Ancestry Chief Privacy Officer Eric Heath and Global Blockchain Business Council CEO Sandra Ro, an aide said.