IAPP Global Privacy Summit Recap, Big Questions, and Indiana Jones Analogies
The EDPB released guidance last month to help companies understand their obligations when using newer tracking tools. These include pixels, URL tracking, IP-tracking, and the like. First, some background: an EU law that...more
By its much anticipated judgment of 4 May 2023, the European Court of Justice (CJEU) specified the requirements under which data subjects affected by a breach of the GDPR can claim for compensation of non-material damages...more
On 18 January 2023, the European Data Protection Board (the “EDPB”) announced the adoption of a report on the work undertaken by the Cookie Banner Task Force (the “Task Force”). The Task Force was formed in September 2021 for...more
On 18 January 2023, the European Data Protection Board ("EDPB") published a report on the work undertaken by its Cookie Banner Task Force to ensure a uniform approach regarding a number of cookie-banner-related complaints...more
The Data Act Proposal aims to provide fairness to data access and proposes new rules on who can use and access data generated in the EU across all economic sectors. It creates the obligation for manufacturers and designers to...more
UK government sets out ambitious proposal for reforming the UK data protection landscape. On 17 June 2022, the Department for Culture, Media and Sport (DCMS) published its response to its consultation “Data: a new...more
European regulators unofficially announced the major theme of this new year, through the release of several decisions pertaining to cookies and other tracking technologies in the first 10 days of 2022. As the General Data...more
On 24 June 2021, the Advocate General (AG) of the Court of Justice of the European Union (CJEU) issued his opinion on the preliminary ruling request submitted by Germany's Federal Court of Justice (Bundesgerichtshof) in case...more
Since the General Data Protection Regulation (GDPR) was enacted a little over 3 years ago in May 2018, many organizations that collect personal data of individuals in the European Union (EU) have enhanced their data privacy...more
Die Datenschutzorganisation noyb droht mit über 10.000 Beschwerden wegen möglicher rechtswidriger Verwendung von Cookies. Am 31. Mai 2021 startete die Datenschutzorganisation noyb (die Abkürzung steht für „none of your...more
The privacy organisation noyb will file more than 10,000 complaints for use of cookies contrary to its interpretation of compliance. On 31 May 2021, the nonprofit privacy organisation noyb (short for “none of your...more
On 31 May 2020, Max Schrems' organization, NOYB, launched a new campaign aimed at ending what they dramatically refer to as the “cookie banner terror.” The campaign was spearheaded by sending over 560 draft complaints to...more
The regulation of cookies and similar tracking technologies is rapidly evolving, not only in the European Union and United Kingdom but also in the United States and globally. If you have visited a website recently, you might...more
On 10 February 2021, the Council of the European Union (Council) agreed its negotiating mandate for the proposed Regulation on Privacy and Electronic Communications (ePR), which will replace the current ePrivacy Directive...more
On the 10 February 2021, ambassadors in the Council of the European Union Permanent Representatives Committee (COREPER) announced it had agreed a negotiating mandate on a draft ePrivacy Regulation (“the ePrivacy Regulation”)....more
The Council of the European Union (Council) released a new draft of the ePrivacy Regulation (Council doc. 5642/21) on January 5, 2021. Various versions of the ePrivacy Regulation have been under consideration in the Council...more
On 13 January 2021, the Advocate General (AG) of the Court of Justice of the European Union (CJEU) issued an important opinion in the case of Facebook Belgium v Gegevensbeschermingsautoriteit (C-645/19) which considers the...more
The French data protection authority’s decisions cite violations of the cookie rules under the ePrivacy Directive and provide important insights on explicit consent. Between December 2019 and May 2020, the French data...more
The Situation: On October 6, 2020, the Court of Justice of the European Union ("CJEU") held that the national security laws of the United Kingdom, France, and Belgium, which each require that providers of electronic...more
Last November, the Spanish Data Protection Authority (Spanish DPA) published its new Guidelines on the Use of Cookies within the framework of the GDPR and Spanish E-privacy rules. ...more
On June 19, 2020, the Conseil d’Etat, the highest administrative court in France, annulled in part the cookie guidelines issued by the CNIL (the French data protection authority). The court ruled that the CNIL did not have...more
42% European supervisory authorities have increasingly taken the position that, pursuant to the GDPR and the ePrivacy Directive, companies should notify visitors if they access or store information in a cookie, or if they...more
The German Federal Court of Justice (BGH) ruled on May 28 that an opt-out for cookies settings is inadmissible under German law under Section 15(3) of the German Telemedia Act (TMG) in conformity with the ePrivacy Directive...more
On March 12, 2020, the Information Commissioner’s Office (ICO), the U.K.’s data protection authority (DPA), published Guidance for data controllers on their data protection compliance obligations during the COVID-19 pandemic....more