The European Data Protection Board’s addressed some interesting issues during its 12th Plenary Session on July 9 and 10:
Guidelines on how the GDPR applies to the processing of personal data when using video devices....more
Milk, meat, fruits, breads … and data protection.
These are the new food groups for your M&A deal.
Just 24 hours after the notice of intent to fine British Airways 183 Million GBP, the UK ICO issued an intent to fine...more
7/10/2019
/ Acquisitions ,
British Airways ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Due Diligence ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Mergers ,
Popular ,
UK
If you wait for them, the big General Data Protection Regulation (GDPR) fines will come.
UK Data protection authority, ICO, announced its intent to fine British Airways 183 million GBP (1.5 percent of annual revenue) for a...more
7/9/2019
/ British Airways ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
EU ,
Fines ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Popular ,
UK
The FTC has entered into a consent order with a sole proprietor for a failure to implement reasonable protections of personal information....more
How do you verify the identity of an individual requesting access to their data or that data be deleted?
The Dutch Data Protection Authority, Autoriteitpersoonsgegevens, offers guidance which can be helpful and instructive...more
6/21/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
General Data Protection Regulation (GDPR) ,
Netherlands ,
Personally Identifiable Information ,
Privacy Laws
If you retain personal data indefinitely, or have not given thought to your retention schedule – now may be the time to take another look.
The Danish Data Protection Authority has fined a furniture store 200,000 EUR for...more
The UK’s ICO has issued a report on data protection in the adtech process of real time bidding (RTB).
RTB relies on the potential advertiser seeing information about you....more
The Federal Trade Commission (FTC) has entered into a settlement with a provider of management software for car dealerships that held personal information, including SSN’s and payroll information, in cleartext, holding its...more
The Swedish Data Protection Authority has initiated an inquiry into how song streaming provider Spotify handles data access requests....more
Spotlight on adequate/reasonable protections to personal information – Part 1 – France.
CNIL fined a real estate company 400,000 EUR for failure to implement adequate protections to personal data in violation of GDPR....more
CCPA is coming to a data broker near you?
If passed, AB 1202, one of the amendments making its way through the California legislature, will:
require data brokers to register with the California Attorney General and...more
What is sold in Vegas, can be opted-out-of in Vegas.
Nevada’s new privacy law will go into effect October 1, providing consumers with a right to opt out of the sale of their personal information....more
“The game-changing rules [of GDPR] have not only made Europe fit for the digital age, they have also become a global reference point,” say Andrus Ansip, Vice-President for the Digital Single Market and Vera Jourová,...more
Canada has introduced a Digital Charter that will entail considerable changes to its privacy law, PIPEDA.
The principles are:
Universal Access: equal opportunity to participate in the digital world and the tools to do so....more
The European Data Protection Report’s first annual report on GDPR, “1 Year GDPR — Taking Stock,” shows public awareness of the European Union’s data protection regime is growing....more
The French Data protection authority, CNIL, has issued a “Developer Kit” setting forth best practices for data protection.
Key takeaways:
Before using a development tool, especially for personal data, read the...more
Why Covered Entities and Business Associates Cannot Ignore the New California Data Privacy Law-
The California Consumer Privacy Act (CCPA) applies to a wide range of for-profit businesses that collect the personal...more
The Lithuanian data protection inspectorate issued a 61,500 EUR fine against a payment services provider for violations of the data minimization, adequate security measures and data breach reporting requirements of GDPR....more
The California Consumer Privacy Act (CCPA), a broad-based law protecting information that identifies California residents, was passed in June 2018 and will take effect in 2020. Dubbed “GDPR Lite,” to denote its similarities...more
“The right to be forgotten does not apply in principle to medical records. However, as a patient, you may ask your health care provider to remove data from your medical record,” according to the Dutch Data Protection...more
The California Consumer Privacy Act (CCPA), which takes effect in 2020, has been dubbed “GDPR-Lite” or “California GDPR” because it shares many concepts and compliance obligations with the EU General Data Protection...more
5/9/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Right to Delete
Danish data protection authority Datatilsynet has ordered a bus company to explain, by July 15, how it will amend its IT systems to allow for compliance with the right to rectification (correction) under GDPR and provide a...more
“When it comes to tech in California, the balance is making sure we continue to have an environment that fosters creativity and innovation, while … fighting to have the proper amount of consumer protection and privacy that...more
“Privacy policies … have evolved from … largely factual statements to become, nowadays, either long, verbose and impenetrable legalese, or else vague and soothing PR exercises. Either approach places the burden on the...more
The Finnish Data Protection Authority has ordered a company to modify its automated practices for assessing creditworthiness.
The authority held that the Credit Decision Service in the company’s online environment is an...more