BB&K's Christina Morgan Talks About Data Privacy in Riverside Lawyer Magazine - Due to rising concerns about privacy in the digital world, in April 2016, the European Union adopted the General Data Protection Regulation...more
Report on Supply Chain Compliance 2, no. 20 (Oct. 24, 2019) - The right to be forgotten is a statutory right under the GDPR, and since the implementation of that regulation in May 2018, there have been several requests for...more
In this month's edition of our Privacy & Cybersecurity Update, we examine five amendments to the California Consumer Privacy Act, the EU Court of Justice's rulings on the "Right to Be Forgotten" and what qualifies as a joint...more
No. The scope of the right to be forgotten under the CCPA and the GDPR differ in three important ways. First, the CCPA states only that a business may have to delete the information that it obtained “from” the consumer....more
The California Consumer Privacy Act ("CCPA") was enacted in early 2018 as a political compromise to stave off a poorly drafted, and plaintiff’s friendly ballot initiative. Although the CCPA is scheduled to go into force in...more
Why does this topic matter to organisations? EU data protection law provides data subjects with a wide array of rights that can be enforced against organisations that process personal data. These rights may limit the...more
The European Union's General Data Protection Regulation ("GDPR") is arguably the most comprehensive - and complex - data privacy regulation in the world. Although the GDPR went into force on May 25, 2018, there continues to...more
On June 28, 2018, California passed a new privacy law that is one of the most stringent consumer protection privacy laws in the nation. The California Consumer Privacy Act of 2018 (Act) introduces onerous new requirements and...more
The General Data Protection Regulation ("GDPR") becomes effective on May 25, 2018. Its goal is to protect EU citizens from privacy and data breaches. The key provisions of the GDPR and information on how it may impact...more
The European Union's General Data Protection Regulation ("GDPR") is arguably the most comprehensive - and complex - data privacy regulation in the world. As companies prepare for the GDPR to go into force on May 25, 2018,...more
Notice Requirements - The Privacy Shield notice requirements are more specific and detailed than what was required by the Safe Harbor regime. Safe Harbor required a privacy policy to provide information on data...more
In April 2016, the European Union adopted new legislation on data protection. The part relevant to private enterprises (EU Regulation 2016/679) is known as the General Data Protection Regulation or “GDPR.” The GDPR is subject...more
The EU General Data Protection Regulation (the “GDPR”) was adopted by the EU Parliament last April 14, 2016. The GDPR will replace the EU Data Protection Directive (95/46/EC), which was implemented more than 20 years ago....more
On December 15, 2015, the European Union reached an agreement on the final text of the new General Data Protection Regulation. The Regulation will replace the 1995 Data Protection Directive, which is currently the basis for...more
The new General Data Protection Regulation is effectively a “done deal” following the final trilogue meeting on December 15. One might assume based on UK media coverage that the biggest change in EU privacy law is that kids...more
In an expected but controversial move, Google has rejected a demand by the French Data Privacy authority CNIL to apply the European “Right to be Forgotten” worldwide. We have covered the E.U.’s Right to be Forgotten...more
While the last refrains of “should old acquaintance be forgot” fade away from New Years’ Eve celebrations, 2014 may be remembered as the year of the “right to be forgotten” in light of an EU privacy ruling last May. Below we...more
A few months after the European Court of Justice ruled on May 13, 2014 that search engines are considered personal data controllers under the EU Data Protection Directive of 1995 and, as such, should provide data subjects...more
On 18 September 2014, the European Union’s Article 29 Data Protection Working Party published a press release outlining its recent plenary session discussions on the so-called “right to be forgotten” or “de-listed.”...more
In May earlier this year, the European Union's top court held in favor of an individual who requested that Google remove the search results associated with his name. In this particular case, a Spanish citizen requested that...more
The recent high-profile decision by the European Court of Justice involving Google has highlighted the existence of stringent data privacy laws in the European Union (EU). However, although the Google decision was...more