This Week in FCPA-Episode 80, The Last Jedi Edition
The European Commission published its Proposal for a Regulation (on 4 July 2023) laying down additional procedural rules relating to the enforcement of GDPR (the Proposal), which aims to complement the GDPR by specifying the...more
Data is yet again at the top of the agenda in the UK Parliament. Seeking to balance the need for the protection of privacy of data and enabling data-driven growth, the UK Department for Science, Innovation and Technology...more
On Friday, February 24, the Colorado Secretary of State published “final” rules for the Colorado Privacy Act. While these rules are similar to “Version 3” of the draft rules, published by the Attorney General’s Office in...more
The French data privacy authority (DPA) announced that it will fine Discord, Inc. 800,000 euros under the General Data Protection Regulation (GDPR). Discord is a social messaging platform popular with gamers, technology...more
The DPA of Uruguay, one of the only countries recognized as “adequate” destinations for cross border data transfers from the European Union – has issued updated guidance on the content of cross border data transfer agreements...more
The California Consumer Privacy Act (CCPA) went into effect January 1, 2020 and created several rights for California residents, including the game-changing right to opt-out of the sale of personal information. ...more
On April 21, The European Data Protection Board (EDPB) published guidelines related to use of data for fighting the COVID-19 health crisis....more
Why does this topic matter to organisations? Under the Directive, organisations were obliged to deal with a separate DPA for each Member State whose laws apply to them. This meant that businesses faced a range of...more
Why does this topic matter to organisations? Under the GDPR, the concept of a "processor" has not changed. Any entity that was a processor under the Directive likely continues to be a processor under the GDPR. However,...more
The President of the Personal Data Protection Office in Poland (Polish DPA) imposed a fine amounting to PLN 943,470 (approximately EUR 220,000; approximately USD 245,977) for failing to fulfil the company’s transparency...more
The other GDPR shoe has dropped… with the European data protection law being enforced against a Canadian company. Since the sweeping law went into effect on May 25, 2018, the digital world has been waiting for enforcement...more
New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more
While we wait to see what the BREXIT result will mean for the UK’s data protection regime, it is important to recognize that the result will not change anything immediately. The exact nature of the post-BREXIT UK-EU...more
In immediate response to the outcome of the recent referendum in the United Kingdom (UK) to leave the European Union (EU), the UK’s data protection regulator, the Information Commissioner’s Office (ICO) released the following...more
Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”) has been amended by The Digital Privacy Act (the “DPA”). DPA updates PIPEDA and modernizes Canadian data privacy and security law. DPA is now...more