We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
2022 DSIR Report Deeper Dive: Personal Data Deletion
On 17th June 2025, the Spanish Data Protection Authority (“AEPD”) published guidance in relation to Royal Decree 933/2021, which regulates document registration and information obligations relating to accommodation and motor...more
Introduction - We have compiled the main differences between the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing...more
The Spanish Data Protection Agency ("Spanish DPA") has recently published on its blog guidance on the assessment of human intervention in automated decisions. Evaluating the degree of human intervention has become a critical...more
La Agencia Española de Protección de Datos (AEPD) ha publicado un nuevo informe sobre los sistemas internos de información en el contexto de la Ley 2/2023 de 20 de febrero, reguladora de la protección de las personas que...more
The EU Artificial Intelligence Regulation will create a framework for the use of artificial intelligence systems. Discrimination and discriminatory bias will be prohibited and subject to fines. Other AI systems will be...more
The Spanish Data Protection Authority has opened a public consultation process to obtain comments for an incoming decision establishing the rules for commercial communications via telephone. This decision will be binding upon...more
Some weeks ago, we described the highlights of the new "Code of Conduct on the processing of personal data in the field of clinical trials and other clinical research as well as pharmacovigilance" (CoC) and the impact on data...more
Last week we raised our hands to inform you about the Spanish Data Protection Authority’s approval of the "Code of Conduct on the processing of personal data in the field of clinical trials and other clinical research as well...more
The Spanish Data Protection Authority published on Friday on its website the new "Code of Conduct on the processing of personal data in the field of clinical trials and other clinical research as well as pharmacovigilance"...more
Welcome to the latest edition of Updata - the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
When launching a project that involves processing of personal data, previously collected for a different purpose, what are the requirements? Companies usually focus on the legal basis of processing and information duties, but...more
Spain has just passed the law transposing Directive (EU) 2019/770 on certain aspects concerning contracts for the supply of digital content and digital services ("Directive 2019/770"). This Directive has updated and brought...more
The Spanish data protection authority AEPD fined Equifax 1 million Euros for processing publicly available personal data unlawfully in violation of the purpose limitation, data minimization and other General Data Protection...more
The Spanish Data Protection Agency (“Spanish DPA”) decided to start 2021 the same way it ended 2020: by imposing the highest fines to date (EUR 5,000,000 and 6,000,000) to two large Spanish financial entities. ...more
Last November, the Spanish Data Protection Authority (Spanish DPA) published its new Guidelines on the Use of Cookies within the framework of the GDPR and Spanish E-privacy rules. ...more
The European Data Protection Board (EDPB) and a number of European data protection supervisory authorities have recently issued guidance on processing personal data, including special categories of personal data (i.e., health...more
On November 8, the Spanish data protection authority (AEPD) published new Guidelines on the Use of Cookies (Guidelines) (Spanish only). The Guidelines have been prepared in collaboration with different organisations in the...more
On October 17, the Spanish data protection authority (AEPD) published the Guide to Privacy by Design (Guide). While Privacy by Design (PbD) first became a legal requirement in the EU with implementation of the General Data...more
The Spanish supervisory authority agencia española protección datos (“Supervisory Authority”) has issued a fine against an airline based on their use of a cookie banner, which the Supervisory Authority considered not to be...more
Urgent Data Protection Measures for GDPR Enforceability - New Order or Decree - The Spanish government has fast-tracked the approval of measures aimed at adjusting Spanish legislation to the new General Data Protection...more
Today, the Spanish data protection agency (AEPD) fined Facebook 1.2 million euros ($1.4 million USD) in connection with how the company collects personal data for advertising purposes. The AEPD said Facebook did not get...more
New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more
On January 26, 2017, the Spanish data protection authority (“AEPD”) published three guidance papers on the implementation of the general data protection regulation (“GDPR”). Although the guidance is primarily directed at...more
What the recent Amazon decision tells us - On 28 July 2016, the European Court of Justice rendered a decision in a dispute between an Austrian Consumer Protection organization known as VKI (Verein für...more