Comments on the final California Consumer Privacy Act (CCPA) regulations asked if data brokers should be required to identify the factors they use in algorithmic decision making practices that affect the consumer, such as...more
Comments to the final California Consumer Privacy Act regulations asked if the CCPA carve-out regarding the Gramm Leach Bliley Act (GLBA), the data protection law governing US financial institutions, applies...more
Comments to the California Consumer Privacy Act (CCPA) final regulations asked: “If you get an access request and you know that the underlying motive for it is to conduct discovery for the purpose of contemplated litigation,...more
Under the California Consumer Privacy Act (CCPA), a data breach resulting from a lack of “reasonable security procedures and practices” gives rise to a private right of action (e.g. for a class action lawsuit).
Comments to...more
A comment requested that the California Attorney General clarify the specific requirements for making privacy notices “easy to read and understandable to the average consumer” under the California Consumer Privacy Act...more
As lockdown restrictions ease and businesses begin to reopen, the UK Information Commissioner's Office (ICO) has set out the key steps organizations need to consider around the use of personal information. They are:...more
A comment asks the California Attorney General if directing a consumer to an online form could constitute a valid notice at collection under the recently finalized California Consumer Privacy Act regulations.
The Attorney...more
In the detailed summaries of comments to the final California Consumer Privacy Act (CCPA) regulations, responses from the California Office of the Attorney General indicate that some areas and issues flagged in the comments...more
The European Data Protection Board has issued a statement on the adoption by the Hungarian government of derogations from certain data protection and access to information provisions of the European Union's General Data...more
The FTC has fined an app developer for failure to acquire parental consent for sharing online identifiers for use for targeted advertising.
A developer of apps that are popular with children has agreed to pay $150,000 and to...more
The IAPP – International Association of Privacy Professionals provides a helpful infographic on questions to ask concerning data collected when performing COVID-19 testing.....more
The “COVID–19 Consumer Data Protection Act of 2020” has been filed and purports to regulate the information collection which will likely increase as businesses and workplaces reopen. Provisions include:...more
The Federal Trade Commission has issued guidance on using artificial intelligence (AI) in algorithms.
Key Takeaways:
The use of AI tools should be transparent, explainable, fair and empirically sound, while fostering...more
The European Data Protection Board (EDPB) adopted a letter concerning the European Commission's draft guidance on apps supporting the fight against the COVID-19 pandemic.
Key Takeaways-
•The EDPB welcomes the Commission’s...more
California Attorney General Xavier Becerra issued an alert reminding consumers of their data privacy rights amid the COVID-19 public health emergency.
This included a specific reference to CCPA and the rights granted under...more
The Executive Committee of the Global Privacy Assembly (GPA) weighs in on data privacy and the coronavirus pandemic.
•The universal data protection principles in all our laws will enable the use of data in the public...more
Ireland’s Data Protection Commission weighs in on the issue of COVID-19 and data access requests:
“The Data Protection Commission acknowledges the significant impact of the Covid-19 health crisis which may affect...more
Coronavirus and Data Protection: New York Department of Financial Services had extended the deadline for compliance with its cybersecurity requirements.
•The Superintendent of Financial Services of the State of New York...more
Coronavirus and GDPR – the Belgian authority weighs in:
•Public health is paramount and prevention and the right to privacy are not incompatible.
•Follow the instructions of the competent authorities so that all measures...more
The California Attorney General has published a third draft of the California Consumer Privacy Act regulations-
Key takeaways:
Removes example indicating IP addresses may not be personal information in certain...more
France’s Data Processing Authority CNIL weighs in on Coronavirus and GDPR.
Employers should NOT:
•Collect in a systematic and generalized manner, or through individual inquiries and requests, information relating to the...more
Tell me, don’t sell me, the GDPR version.
The Dutch Data Protection Authority (AP) has imposed a fine of 525,000 euros on tennis association KNLTB for selling personal data without proper consent....more
If it’s not broker(ed) why fix it?
A new data broker bill has been submitted to the Washington State House of Representatives, following in the footsteps of Vermont and California....more
The European Data Protection Board has published draft guidelines for public comment on the data protection aspects of connected vehicles.
Key takeaways:
The Relevant Players-
Non exhaustive list of stakeholders: vehicle...more
2/12/2020
/ Connected Cars ,
Cybersecurity ,
Data Controller ,
Data Protection ,
Draft Guidance ,
Driverless Cars ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular
The California Office of the Attorney General has published proposed amendments to the California Consumer Privacy Act (CCPA) draft regulations. The amendments are open for public comment until 5 pm PT on Feb. 24, 2020....more
2/11/2020
/ Attorney General ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Right to Delete