Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
Employers are increasingly monitoring and filtering the web browsing habits of employees. The Commission Nationale de l’Informatique et des Libertés (CNIL) recently released new guidance (for public comment) on how...more
The French Data Protection Authority (CNIL) recently imposed a EUR 310,000 fine, representing 1% of its turnover, on FORIOU, a telemarketing company promoting loyalty programs. The fine stemmed from FORIOU’s use of...more
Last year proved to be a big year in data protection with U.S. state data protection laws popping up across the country, the FTC updating its guidance and regulations on everything from data breaches and biometric...more
The French Data Protection Authority imposed a €280,000 fine for GDPR infringements and a €100,000 fine for violation of French cookie rules. On 11 May 2023 the French Data Protection Authority (the CNIL) handed down its...more
What does the Court of Justice of the European Union (CJEU) Advocate General’s opinion in the case of Meta vs. the German Bundeskartellamt tell us regarding the scope of what constitutes “sensitive information,” “contractual...more
Following the 2020 Court of Justice of the European Union’s (CJEU) ruling invalidating the Privacy Shield (see our alert here), personal data transfers from the European Union to the United States required EU companies to...more
When the General Data Protection Regulation (GDPR) came into force throughout the European Union nearly three years ago, one of its most eye-catching features was its extraterritorial jurisdiction provisions. These extend the...more
On 7 January 2020, Directive (EU) 2019/2161 (the "Directive") came into force, setting into motion a swathe of measures aimed at modernizing the existing consumer protection rules, bolstering the level of protection available...more
On October 1, 2019, the European Union Court of Justice notably ruled on the type of consent required by a consumer in order to store cookies on their device. The case involved a promotional online lottery organized by...more
The Situation: Fashion ID, a German online clothing retailer, embedded on its website the Facebook "Like" button. When a user consults the website of Fashion ID, that user's personal data are transmitted to Facebook Ireland....more
Yes. European data privacy law distinguishes between session cookies that, for example, allow a website to function properly, and behavioural advertising cookies that are unnecessary for the functioning of the website. ...more
A Facebook “like” is actually more like “in a [Joint Controller] relationship” status, says the Court of Justice of the EU in a long awaited decision in the Fashion ID matter. At issue: The legal framework surrounding...more
On 7 March 2019, the Dutch Data Protection Authority published guidance (in Dutch) that it considers “cookie walls” to violate the GDPR. A cookie wall is a pop-up on a website that blocks a user from access to the website...more
The Federal Trade Commission (FTC) announced settlements with four companies last month—IDmission LLC, mResource LLC (doing business as Loop Works LLC), SmartStart Employment Screening, Inc. and VenPath, Inc.—of the FTC’s...more
The Federal Trade Commission recently entered into settlement agreements with four companies regarding claims that the companies misrepresented their compliance with the EU-U.S. Privacy Shield Framework. ...more
Although the U.S.-E.U. Privacy Shield Framework has been intensely criticized by E.U. Authorities, the Federal Trade Commission (FTC) continues to enforce violations of it by U.S. companies....more
Worldwide, companies are scrambling to meet the May 25th deadline to comply with the European Union’s General Data Protection Regulation (GDPR). For companies with physical operations in an EU member state, this deadline is...more
How will the new European Union data protection law affect U.S. nonprofit organizations? Nonprofit organizations based in the U.S. can often handle large amounts of data which originates in the EU—for example, they may...more
The European Union’s General Data Protection Regulation (“GDPR”) is arguably the most comprehensive – and complex – data privacy regulation in the world. As companies prepare for the GDPR to go into force on May 25, 2018,...more
The General Data Protection Regulation (GDPR), EU legislation that will take effect in May 2018, will drastically change how companies can collect and use personal data about web users in Europe. Among other things, the GDPR...more
In a key decision, the European Court of Justice has ruled that dynamic IP addresses may qualify as personal data in certain circumstances—ending years of uncertainty about whether such fundamental building blocks of the...more
In a ruling with significant potential impact, the Court of Justice of the European Union (CJEU) has ruled that a dynamic internet protocol (IP) address may constitute "personal data" under EU Data Protection Directive...more