Here is a handy checklist from Luxembourg’s Commission Nationale pour la Protection des Données (CNPD) regarding your Data Protection Officer (DPO) compliance...more
A few days before the Austria DSB decision, the European Data Protection Supervisor (EDPS) issued a decision on the use of Google Analytics by the European Parliament.
For Schrems II: EDPS says “if you don’t have any...more
The German Data Protection Conference (DSK) issued guidance on the Federal Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia (‘TTDSG’), which went into effect on December 1, 2021...more
12/30/2021
/ Consent ,
Cookies ,
Data Protection ,
Data Storage ,
Data Transfers ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Germany ,
Internet of Things ,
Opt-Outs ,
Popular ,
Telecommunications
U.S. Congresswomen Anna Eshoo (D-California) and Zoe Lofgren (D-California) have reintroduced House Resolution 6027 for the Online Privacy Act of 2021.
Some of the bill’s key differentiators from CCPA, CDPA and CPA:...more
What does the U.K. Information Commissioner’s Office have to say about what it takes for adtech initiatives to be compliant with data protection?
“There is an opportunity for market participants to move towards developing...more
11/30/2021
/ Adtech ,
Cookies ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Data-Sharing ,
First-Party Coverage ,
Information Commissioner's Office (ICO) ,
Personal Data ,
Privacy and Electronic Communications Regulation 2003 (PECR). ,
Third-Party ,
UK ,
Web Tracking
Data Protection Commission Ireland has issued a report on the responses it received to its public consultation on its guidance on children’s rights.
Of particular note is the careful consideration the commission gave the...more
The European Data Protection Board has issued draft guidelines on the interplay between Art 3.2 and Chapter V of GDPR. And they also have finally defined the term “transfer.”
Here are some key takeaways:...more
The U.K.’s Information Commissioner’s Office (ICO) has responded to the U.K.’s Department for Digital, Culture, Media and Sport’s (DCMS) “Data: Unlimited” initiative...more
The United Kingdom has issued an ambitious report on its 10 year plan to become an AI super power.
The document lays out a detailed business plan with 3 month, 6 month and longer objectives...more
The DPA of Uruguay, one of the only countries recognized as “adequate” destinations for cross border data transfers from the European Union – has issued updated guidance on the content of cross border data transfer agreements...more
Here are a few takeaways from what I said this week at the InfoGov World Expo virtual auditorium.
•Is it still “early days for GDPR?” Not if you ask Germany, France’s Commission Nationale de l’Informatique et des Libertés...more
Key practice takeaways from the Kişisel Verileri Koruma Kurumu (KVKK) Turkey EUR 195,000 fine against WhatsApp (which echoes the Data Protection Commission Ireland decision in many respects):.....more
Ireland’s Data Protection Commission has imposed a fine of €225 million (more than $267 million) on WhatsApp, a popular messaging app owned by Facebook.
Here are some key takeaways for companies subject to GDPR:.....more
And the cookie continues to crumble.
NOYB has filed 422 complaints with ten EU data protection authorities. The move came after it sent written warnings and draft complaints to more than 500 companies on May 31, 2021...more
What are practical lessons learned from the $85 million Zoom settlement?
•You can have big ticket enforcement dollars even without GDPR or CCPA.
•When you integrate a third party feature – including via a Software...more
As always, it was great fun speaking with Future of Privacy Forum’s lovely and knowledgeable mobility guru Chelsey Colbert during Part 2 of OneTrust DataGuidance’s connected vehicles and data protection presentation...more
U.S. Sen. Kirsten Gillibrand (D-New York) announced that she reintroduced Senate Bill 2134, the Data Protection Act of 2021. The bill creates an independent federal Data Protection Agency (DPA) to protect individuals' data,...more
Several German Data Protection Authorities commence independent investigation of cross border transfers of personal data in violation of Schrems II...more
The Information Commissioner’s position paper on the UK government’s proposal for a trusted digital identity system provides insight into the interplay between data protection and digital identity.
Key Points-
•Given...more
The Spanish data protection authority AEPD fined Equifax 1 million Euros for processing publicly available personal data unlawfully in violation of the purpose limitation, data minimization and other General Data Protection...more
First we take Sacramento, then we take Berlin: How do US data protection laws affect how you do business.
The webinar is aimed at in-house or outside counsel, as well as data protection and compliance officers. In this...more
4/28/2021
/ Adtech ,
Analytics ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Chief Compliance Officers ,
Consumer Privacy Rights ,
Cookies ,
COPPA ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Sellers ,
Do Not Sell ,
E-Commerce ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Fines ,
General Data Protection Regulation (GDPR) ,
Germany ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Multinationals ,
OEM ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
State Privacy Laws ,
Suppliers ,
Third-Party Service Provider ,
Webinars
If at first (and second) you don’t succeed, try try again. The European Union and United States are gearing up for “Privacy Shield 2.0” to address the difficulties faced by tens of thousands of companies in the wake of the...more
West Virginia has gotten into the data privacy bill game with House Bill (HB) 3159 on Consumer Data Privacy.
The legislation is similar to the California Consumer Privacy Act + the following key points:...more
North Dakota, Utah, Washington State. .. all three have recently introduced new pieces of data privacy legislation.
UTAH-
Utah State Rep. Walt Brooks, has introduced House Bill 80, which creates an “affirmative defense”...more
The United Kingdom’s Information Commissioner’s Office published its action plan for 2021.
Areas of focus include:
•the Age Appropriate Design Code
•data sharing.
•data broking,...more