Universal Consent: Building Beyond Cookie Consent
Data Dividend: What is Personal Data Worth?
Privacy Litigation Trends: Meta Pixels, Cookie Opt-Out, and Sale of Data
Data Revolution: How U.S. Privacy Laws Change the Way Data Should be Managed by Retail and Tech Industries
Fashion Counsel: Privacy in the Retail Fashion Industry
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
Welcome to the latest edition of Updata! Updata is an international report produced by Eversheds Sutherland’s dedicated Privacy and Cybersecurity team – it provides you with a compilation of key privacy and cybersecurity...more
On 18 January 2023, the European Data Protection Board (the “EDPB”) announced the adoption of a report on the work undertaken by the Cookie Banner Task Force (the “Task Force”). The Task Force was formed in September 2021 for...more
By the close of 2021, EU data protection authorities (“DPA”) had initiated investigations into a number of US tech companies operating in Europe and further investigations are set to continue. In a recent case concerning...more
European regulators unofficially announced the major theme of this new year, through the release of several decisions pertaining to cookies and other tracking technologies in the first 10 days of 2022. As the General Data...more
Die Datenschutzorganisation noyb droht mit über 10.000 Beschwerden wegen möglicher rechtswidriger Verwendung von Cookies. Am 31. Mai 2021 startete die Datenschutzorganisation noyb (die Abkürzung steht für „none of your...more
The Council of the European Union (Council) released a new draft of the ePrivacy Regulation (Council doc. 5642/21) on January 5, 2021. Various versions of the ePrivacy Regulation have been under consideration in the Council...more
Last November, the Spanish Data Protection Authority (Spanish DPA) published its new Guidelines on the Use of Cookies within the framework of the GDPR and Spanish E-privacy rules. ...more
On May 4, 2020, the European Data Protection Board adopted updated guidelines on what does and does not constitute consent under the General Data Protection Regulation (GDPR) in certain situations. Consent is one of the...more
The Situation: On July 4, 2019, the French data protection authority ("CNIL") published revised guidelines on the implementation of cookies or similar tracking technologies in order to take into account the new requirements...more
Under the ePrivacy Directive, in conjunction with the GDPR, the use of nonessential cookies (e.g., advertising and analytics) requires an affirmative, opt-in consent. Pre-ticked check boxes and other defaults that do not...more
The Court of Justice of the European Union (CJEU) published a judgment that echoes the recent developments discussed in our August update, "New Developments in EU for Cookies and Online Tracking." This is an important...more
The Court of Justice of the European Union (CJEU) – the European Union’s equivalent to the US Supreme Court – has issued a very important ruling with respect to cookie compliance that may require re-evaluation of your cookie...more
On 1 October 2019, the Court of Justice of the European Union (CJEU) issued its long-awaited decision in the case Planet49 (Case C-673/17). The decision clarifies the requirements for valid cookie consent under Directive...more
Data protection authorities (DPAs) in the European Union (EU) continue to scrutinize practices in the adtech sector for compliance with the EU’s General Data Protection Regulation (GDPR) and local data protection and...more
The Situation: Fashion ID, a German online clothing retailer, embedded on its website the Facebook "Like" button. When a user consults the website of Fashion ID, that user's personal data are transmitted to Facebook Ireland....more
On July 29, 2019, the European Court of Justice (ECJ) issued its decision in FashionID (Case C-40/17), determining that website operators are jointly liable with plugin providers for data collection and transmission through...more
Probably not. A cookie can qualify as “personal data” under GDPR when it can be linked to an individual person. Even in instances where a cookie cannot be linked, it is still governed by the ePrivacy Directive and...more
Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared a compilation of key GDPR-related developments of the past 12 months. The compilation...more
The Dutch Data Protection Authority (the "Dutch DPA") has issued guidance stating that so-called "cookie walls" are not compliant with the General Data Protection Regulation (the "GDPR"). The guidance is not legally binding,...more
On 7 March 2019, the Dutch Data Protection Authority published guidance (in Dutch) that it considers “cookie walls” to violate the GDPR. A cookie wall is a pop-up on a website that blocks a user from access to the website...more
Following numerous privacy complaints, the State Office for Data Protection Supervision (BayLDA) recently conducted a random audit on 40 companies and found widespread problems with their cookie disclosures....more
According to a recent story published by The Register, the U.K. data privacy watchdog, the Information Commissioner’s Office (ICO) has issued a warning to the U.S.-based newspaper The Washington Post (WaPo) about obtaining...more
The Council of the European Union published a new draft of the ePrivacy Regulation (link here) for discussion purposes on 22 March. This draft aims to facilitate discussions as we are moving towards the final version of the...more
On 10 January 2017, the European Commission (‘Commission’) presented a proposal for a Regulation on Privacy and Electronic Communication (‘ePrivacy Proposal’). The main objective behind the proposed act is to align the...more
In the online advertising sector, achieving a successful advertising campaign often involves implementing cookies (small files stored on computers or mobile devices that contain information on the user's browsing history),...more