What Can Estonia’s Short Term Vehicle Rental Sweep Teach Us About California?

Fox Rothschild LLP

Fox Rothschild LLP

Providers in the mobility space take note.

The Estonian Data Protection Inspectorate, Andmekaitse Inspektsioon, conducted a short term vehicle rental sweep that could be important in light of a declared connected vehicle sweep in California.

Here are some key takeaways.

Privacy Disclosures Must be Clear

  • The language in Estonia was not understandable, clearly formulated or easily accessible.
  • It used definitions and complex terms.
  • It referred to other documents that were not always available.
  • This wouldn’t be good enough in California either. The California Privacy Protection Agency recently announced that privacy disclosures are among its top enforcement priorities.)

Data Retention Must be Specific (Or at Least Not Vague)

  • It is not enough to say “data is stored as long as it is mandatory or permitted according to legislation or necessary to achieve the goals stated in the data protection conditions”
  • This is the case for new U.S. laws as well

Delete Data For Real

  • It is not enough to remove some direct identifiers or pseudonymize the data. You need to make it anonymous or delete it.

Read more here.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Fox Rothschild LLP | Attorney Advertising

Written by:

Fox Rothschild LLP

Fox Rothschild LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide