A cookie is not just a cookie, according to the European Data Protection Board. It’s also similar technologies, and access and Internet of Things (IOT). Here are some key takeaways you need to know from the EDPB’s draft...more
Here are a few things to consider in a cross border complaint, according to the International Association of Privacy Professionals’ Data Protection Congress panel with Isabelle Vereecken of the European Data Protection Board,...more
Why is the new noyb action against websites and data brokers regarding cookie-based authentication important for compliance with the new U.S. privacy laws?...more
The European Data Protection Board (EDPB) has issued a long-awaited opinion on the EU-US Data Privacy Framework.
Here are some key takeaways:
The scope of the exemptions to the adherence to the principles, including on the...more
It’s six days into the new year and we already have four new comprehensive privacy bills from: New York, Kentucky, Tennessee and Oklahoma.
There are a lot of moving pieces here and you can go cross-eyed trying to comply with...more
The United States is adequate, at least according to a draft opinion on the EU-U.S. Data Privacy Framework. Here is a look at what the opinion says, and what U.S. companies involved in EU-U.S. transfers should be doing now....more
Does vehicle service data for services performed on a vehicle while owned by a previous owner belong to the new owner and need to be provided as part of a GDPR Access request?...more
What can we learn about disclosures and how to draft privacy notices from the Sweden IMY decision and why is it important for both GDPR companies and CPRA, CDPA, CPA and UCPA companies:...
...more
Here are five things you should know about Google Analytics, transfers and Schrems II.
1. Down to Middle Earth We Go Brush up on your J.R.R. Tolkien because Datatilsynet in its new guidance on cloud providers, says you...more
The German Data Protection Conference (DSK) issued guidance on the Federal Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia (‘TTDSG’), which went into effect on December 1, 2021...more
12/30/2021
/ Consent ,
Cookies ,
Data Protection ,
Data Storage ,
Data Transfers ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Germany ,
Internet of Things ,
Opt-Outs ,
Popular ,
Telecommunications
“Clear is kind. Unclear is unkind,” according to author Brené Brown.
A joint opinion from the European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) on the European Union’s proposed digital...more
The European Data Protection Board has issued final guidelines on virtual voice assistants.
The guidelines appear to be largely unchanged from the draft issued in February for public consultation...more
Third country laws – more than meets the eye. In practice – problematic legislation in disguise. The European Data Protection Board has issued a “Transformers” style plan for assessing whether or not you can transfer...more
The EDPB issued an opinion on the draft Standard Contractual Clauses (SCC) for a controller-processor data processing agreement under Article 28 (Data Processing Agreements) submitted by the Lithuanian supervisory authority....more
6/1/2021
/ Cross-Border Transactions ,
Data Breach ,
Data Controller ,
Data Processing Rules ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Right to Delete ,
Software ,
Standard Contractual Clauses ,
Third-Party
"Under no circumstances shall an individual's interaction with a covered entity's product or service when the covered entity has a terms of service or a privacy policy, including the short-form privacy notice, in and of...more
It's a new year and everyone makes resolutions, even the European Data Protection Board (EDPB).
In its 2021-2023 strategy, the EDPB sets four pillars and action items associated with them, leaving the bombshell to the very...more
Garante, the Italian data protection authority, has issued FAQ's on CCTV surveillance and data protection. Highlighting the European Data Protection Board's (EDPB) guidelines on the topic, here are some takeaways:
Area of...more
While we are all digesting (and lamenting) the European Data Protection Board's post-Schrems II Guidelines and cross-border transfer standard contractual clauses, the European Commission issued standard clauses that are meant...more
Brace yourselves, the post-Schrems II supplemental measures are coming!
The European Data Protection Board adopted recommendations on measures that supplement transfer tools to ensure compliance with the European Union...more
“I worry that we are caught in a DPA (Data Protection Authority) beauty contest of who issues the bigger fine,” said Ireland Data Protection Commissioner Helen Dixon in her keynote for Daniel Solove’s Privacy+Security Academy...more
How does GDPR apply to the transfer of personal data from an EU entity to an international organization?
“Entities subject to the GDPR that exchange personal data with international organisations have to comply with the...more
The Data Protection Authority for the German state of Baden-Württemberg has issued FAQs on the European Data Protection Board's (EDPB) Controller-Processor Guidelines.
Legal Concepts-
•Contractual clauses can represent...more
The European Data Protection Supervisor has issued guidance on data protection and body temperature taking.
Key takeaways:
•Basic body temperature checks designed to measure body temperature only, operated manually and...more
The UK’s Information Commissioner Office’s has issued a revised statement on the Schrems II.
“Further work is underway by the European Commission and EDPB to provide more comprehensive guidance on extra measures you may...more
In a landmark decision in what is popularly known as the "Schrems II" case, the Court of Justice of the European Union invalidated the EU-U.S. Privacy Shield, the framework that facilitated the transfers of personal data from...more
7/21/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Transfers ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
FISA ,
General Data Protection Regulation (GDPR) ,
Privacy Laws ,
SCC ,
U.S. Commerce Department