The International Association of Privacy Professionals is holding its 2019 Europe Data Protection Conference in Brussels. Partner Odia Kagan, who is in attendance, shares some takeaways from day one of the event....more
The United Kingdom's Information Commissioner's Office has updated its guidance on Special Category Data (Article 9 General Data Protection Regulation). Key takeaways:
Genetic Data-
Genetic analysis that includes enough...more
The Spanish AEPD has published guidelines on patient health data protection.
The guidelines track the requirements of GDPR as applicable to patient data including the obligation to provide adequate disclosure under Article...more
The European Data Protection Supervisor (EDPS) has issued guidance on the concepts of data controller and processor for European Union organizations. Though it covers EU institutions, the guidance contains many concepts that...more
11/14/2019
/ California Consumer Privacy Act (CCPA) ,
Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular
The California Attorney General attached a Standardized Regulatory Impact Assessment (SRIA) of the economic impact of the draft California Consumer Privacy Act (CCPA) Regulations to the draft regulations. Some key...more
Do the draft CCPA Regulations make a big difference in compliance costs where it comes to privacy notices? Standardized Regulatory Impact Assessment (SRIA) of the economic impact of the draft CCPA Regulations says – maybe...more
On November 1st of last year, businesses became subject to new mandatory breach reporting regulations under Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act...more
Google Analytics is in the crossfire in Germany.
The data protection authorities of the German states are being flooded with complaints, approximately 200,000 in number, regarding deployment of the Google Analytics service...more
The United Kingdom’s Information Commissioner’s Office has launched a public consultation on how to create a toolkit to help organizations assess whether they have appropriate and effective internal data protection governance...more
A survey of 777 registered voters in California showed 88 percent would support The California Privacy Rights Enforcement Act (CPREA), a 2020 ballot measure related to expansion of protections for personal information....more
California has amended its data breach notification law to include biometric and other identifiers.
The bill (AB 1130), signed by Gov. Gavin Newsom on October 11, revises the definition of personal information for purposes...more
For a less conservative take, here are the Ten Commandments of California Consumer Privacy Act Compliance:
• Thou shalt make for yourself a person overseeing privacy compliance in thine corporation....more
On Thursday, October 10, the California Attorney General issued draft regulations for the California Consumer Privacy Act. The regulations are open for public comment until December 6, 2019. Much has been written about the...more
10/14/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Right to Delete
Providers of services that involve the personal information of California residents: What do the proposed CCPA Regs mean for your compliance?...more
The California Attorney General has issued long-awaited draft regulations for the California Consumer Privacy Act (CCPA), which is scheduled to take effect in 2020....more
The Singapore Personal Data Protection Commission has issued guidance on privacy disclosures:
Highlight information that may be of particular concern to individuals, such as purposes of use or situations where personal...more
Consent is not needed for the transfer of personal data from Canada to other countries, says the Canadian Office of the Privacy Commissioner.
Following a consultation on transfers of personal information for processing,...more
Asking to read an electronic ID card as a condition for the provision of a service (issuing a rewards/loyalty card) is disproportionate and in violation of GDPR, says the Belgian data protection authority. The company was...more
The UK Information Commissioner’s Office (ICO) has joined data protection authorities from around the world in calling for more openness about the proposed Libra digital currency and infrastructure....more
Under the Bahrain Personal Data Protection Law (PDPL), which came into effect on August 1, 2019, organizations need to obtain consent from customers in order to collect, process, store and use their personal information for...more
The Hellenic DPA has issued an opinion regarding the appropriate legal basis for processing employee data under GDPR:
Consent should be used as the legal basis only where the other legal bases do not apply....more
“The decision to impose documentation requirements, rather than bright line rules, represents a significant departure from how the government traditionally aims to protect the public. It is akin to if federal regulators,...more
Big Picture Takeaways:
Facebook faces many detailed requirements for internal and external governance and oversight with extensive reporting requirements...more
7/25/2019
/ Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data-Sharing ,
Facebook ,
Federal Trade Commission (FTC) ,
Fines ,
Personal Data ,
Personally Identifiable Information ,
Privacy Policy ,
Social Media
Italian Data protection Authority, Garante privacy, ordered a company that did not acquire granular consent for marketing from members of its loyalty programs to:
(i) stop processing personal data for marketing purposes...more
The Dutch Data Protection Authority has levied a fine of 460,000 euros on Haga Hospital for insufficient security following an investigation revealing that dozens of hospital staff had unnecessarily checked the medical...more