The Belgian data protection authority has published for public consultation its priorities for 2019-2025....more
California Attorney General Xavier Becerra released the title and summary for the CCPA 2.0 ballot initiative, the California Privacy Rights Act....more
In a statement of its priorities over the next year, French data privacy regulator CNIL emphasizes the importance of a balanced approach to data protection regulation....more
How compliant is that cookie in the window?
The Dutch Data Protection Authority (AP) carried out a check on approximately 175 websites of web shops, municipalities and media, among other things, to determine whether they...more
Alastair Mactaggart, the proponent of the "CCPA 2.0" ballot initiative in California, has submitted to the Office of the Attorney General a revised version of the proposed "California Privacy Rights Act" (CPRA) that he hopes...more
12/11/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Popular ,
Privacy Laws
The Software Alliance filed comments to the California Attorney General on draft regulations to implement the California Consumer Privacy Act (CCPA) intended to avoid upsetting the business-service provider relationship set...more
A “sale” by any other name?
“We consider, and think the average consumer would consider, that when information is exchanged across devices and platforms, such that an ad follows the consumer from desktop to phone and from...more
The Digital Advertising Alliance has published guidance on the use of a tool for opt out requests under CCPA under its (voluntary) self-regulatory principles....more
The International Association of Privacy Professionals is holding its 2019 Europe Data Protection Conference in Brussels. Partner Odia Kagan, who is in attendance, shares some takeaways from day two of the event....more
The International Association of Privacy Professionals is holding its 2019 Europe Data Protection Conference in Brussels. Partner Odia Kagan, who is in attendance, shares some takeaways from day one of the event....more
The United Kingdom's Information Commissioner's Office has updated its guidance on Special Category Data (Article 9 General Data Protection Regulation). Key takeaways:
Genetic Data-
Genetic analysis that includes enough...more
Data minimization is coming to the United States.
The Federal Trade Commission cited failure to delete information which is no longer needed as a failure to implement reasonable protection....more
The Spanish AEPD has published guidelines on patient health data protection.
The guidelines track the requirements of GDPR as applicable to patient data including the obligation to provide adequate disclosure under Article...more
The European Data Protection Board has issued long-awaited final guidelines for the extraterritorial application of the General Data Protection Regulation (GDPR).
Key changes:
(1) GDPR can apply extraterritorially to some...more
The Polish data protection authority has fined ClickQuickNow €47,126.97 for violating the General Data Protection Regulation (GDPR) by requiring too difficult a process for revoking consent....more
The European Data Protection Supervisor (EDPS) has issued guidance on the concepts of data controller and processor for European Union organizations. Though it covers EU institutions, the guidance contains many concepts that...more
11/14/2019
/ California Consumer Privacy Act (CCPA) ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular
Information and Privacy Ombudspersons and Commissioners from across Canada are urging their governments to modernize access to information and privacy laws some of which have not been updated in 35 years....more
The auto-complete function is not prohibited by GDPR, says the Danish data protection authority.
The search function suggested certain search suggestions automatically including the complainant’s name....more
The Information Commissioner of the Isle of Man has issued guidance on “accountability” under GDPR.
Key takeaways:
You need to develop, embed and maintain a culture of data protection in your processing activities, with...more
The California Attorney General attached a Standardized Regulatory Impact Assessment (SRIA) of the economic impact of the draft California Consumer Privacy Act (CCPA) Regulations to the draft regulations. Some key...more
The Dutch DPA has issued guidance on the use of “legitimate interest” as a legal basis for processing data under GDPR.
Key takeaways on what constitutes “legitimate”:
The interest needs to be pursuant to a written or...more
Do the draft CCPA Regulations make a big difference in compliance costs where it comes to privacy notices? Standardized Regulatory Impact Assessment (SRIA) of the economic impact of the draft CCPA Regulations says – maybe...more
The California Attorney General considered and rejected the creation of a safe harbor exemption from the CCPA for businesses that are already complying with GDPR, says the statement of reasons that accompanies the draft CCPA...more
On November 1st of last year, businesses became subject to new mandatory breach reporting regulations under Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act...more
Google Analytics is in the crossfire in Germany.
The data protection authorities of the German states are being flooded with complaints, approximately 200,000 in number, regarding deployment of the Google Analytics service...more