"Monsters Inc." y el tratamiento de los datos
Un paquete de reformas relevantes fue aprobado recientemente en México, introduciendo nuevas regulaciones en materia de protección de datos personales y transparencia. Este cambio estructural en el marco normativo mexicano se...more
A major reform package was recently enacted in Mexico introducing new regulations on personal data protection and transparency. This structural shift in Mexico’s regulatory framework will unfold over the coming months, but...more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
Recently, the European Data Protection Board (EDPB) adopted an opinion addressing key data protection concerns arising from the use of Artificial Intelligence (AI) models. The opinion specifically focuses on how GDPR...more
En este episodio de "A Lo Legal En Par Minutos", nuestro socio Edwin Cortés conversa con Anna Catalina Pérez, abogada del área corporativa, acerca del tratamiento de los datos en empresas colombianas. Utilizando el ejemplo de...more
Just over one year after the Colorado Privacy Act Rules took effect, the Colorado Attorney General’s Office filed a set of proposed draft amendments that, if implemented, would significantly modify the Rules to reflect recent...more
On October 24, 2024, the Irish Data Protection Commission (DPC) issued a press release announcing its EUR 310 million fine of LinkedIn over the platform’s use of member personal data in breach of the EU’s General Data...more
Ohio House Bill 345, also known as The Ohio Personal Privacy Act, was introduced at the end of 2023 and is currently being considered in committee. The bill establishes requirements related to the collection, processing, and...more
Keypoint: Assuming the bills become law and go into effect, operators of websites and online services that collect the personal data of minors and are subject to the bills will need to undertake several compliance activities....more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more
On August 9, 2023, India passed a data protection law that will govern how entities who process users’ personal data. The Digital Personal Data Protection Act (“the Act”) will establish guardrails for how organizations should...more
On March 8, 2023, the Data Protection and Digital Information (No. 2) Bill was introduced to the UK Parliament by the Department for Science, Innovation and Technology (DSIT). If enacted, the Bill will make changes to the UK...more
2023 continues to be a busy year for European data protection authorities. Following its release of the Irish Data Protection Commission’s (DPC’s) binding decisions in cases against Facebook and Instagram, the European Data...more
On 3 February 2022, the French Commission Nationale de l'Informatique et des Libertés (the "CNIL") published a set of commercial management guidelines for all organizations that conduct data processing for the management of...more
When GDPR became effective three years ago, companies took notice of the fines and penalties attached to violations of the stringent privacy law—4 percent of global annual sales....more
Keypoint: The Colorado bill mirrors the Virginia Consumer Data Protection Act and Washington Privacy Act but contains some notable differences. On March 19, 2021, Colorado lawmakers introduced the Colorado Privacy Act...more
Virginia Governor Ralph Northam signed the Consumer Data Protection Act (the “Act”) on March 2, 2021. The following are answers to some frequently asked questions about the Act and its impact on organizations doing business...more
Consumers are more aware than ever of data privacy and security issues. As technology develops, vast quantities of data are collected on individuals every minute of every day. Customers trust their institutions to keep the...more
To help its business customers with CCPA compliance efforts, Facebook has implemented the “Limited Data Use” feature which restricts how Facebook uses personal information of California individuals that it collects or...more
Spanish data protection authority Agencia Española de Protección de Datos (AEPD) has published helpful guidelines on the data protection aspects of using mobile apps intended to control access to places of business while the...more
A little more than six months ago, we addressed the challenges businesses faced in complying with CCPA when it came to their use of third-party adtech such as pixels, beacons and trackers. In line with the evolving nature of...more
Clinical trials have become increasingly important for pharmaceutical companies and medical device manufacturers, which are focused on collecting as much data as possible on products and devices and their adverse effects. All...more
The EDPB’s new Guidelines on Article 6(1)(b) may severely limit e-commerce business’ ability to enhance data processing by unilaterally defining contractual services....more
Who is responsible for putting a GDPR Article 28 Data Processing Agreement in place? Dutch Data Protection Authority, Autoreitpersoonsgegevens, says: BOTH the data controller and the data processor....more
The Dutch Data Protection Authority has written to the Dutch Banking Association to state that processing customers' transaction data for direct marketing purposes may not be in compliance with the General Data Protection...more