Life with GDPR - Meta Fined €405 million by Irish Data Protection Commission
X Agrees to Stop Processing EU Data to Train its Grok AI - Ireland’s Data Protection Commission (“DPC”) recently filed an urgent High Court application against X (formerly Twitter) for using the personal data of European...more
Last month, the European Data Protection Board – which is composed of the national data protection authorities (‘Supervisory Authorities’) of the countries in the European Economic Area (‘EEA’), as well as the European Data...more
On 25 July 2024, the EU Commission published its second report on the application of the GDPR (the ‘Second Report’), following its first report published in 2020....more
In Part I, we discussed the European Commission’s (“Commission”) disapproval of Meta’s “pay or consent” subscription model. In Part II, we delve into the European Commission’s findings, prior findings by the European Data...more
UK Financial Insights from Katten is a monthly newsletter highlighting key noteworthy developments potentially affecting financial markets and funds in the UK and Europe....more
The European Data Protection Board (EDPB) recently adopted a statement suggesting the Data Protection Authorities’ (DPAs) role with regard to the EU AI Act recently published in the Official Journal of the EU....more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
This regular alert covers key regulatory developments related to EU emergency responses, including in particular to Russia’s war of aggression against Ukraine, COVID-19, and cyber threats. It does not purport to provide an...more
Governing Data Protection Legislation - 2.1. Overview of principal legislation - The General Regulation Data Protection (Regulation (EU) 2016/679) (“GDPR”), as implemented by Law 190/2018 is the principal data...more
European Data Protection Board Publishes Strategy for 2024-27 - The European Data Protection Board (“EDPB” - the EU body tasked with promoting consistency and cooperation in enforcement of the GDPR) has outlined its...more
In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. In our article titled An Introduction to the EU AI Act, we focused on applicability, thresholds, timing, and penalties related to the EU...more
Valuable insights into the measures European regulators expect businesses to take to protect data privacy can be found in a report from the European Data Protection Board (EDPB) summarizing decisions under the EU’s General...more
The European Union (EU)’s government organizations are just like any another entity trying to function in a world where global companies and even government entities are reliant on digital platforms for messaging and...more
The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more
This month the EDPB shed light on the question of lead supervisory authorities. The issue arose in response to a question late last month from the French supervisory authority. Some background. As most international...more
The European Data Protection Board (EDPB) during its 90th plenary session, on 14 February 2024, amongst other things: - adopted an opinion (the Opinion) on the notion of a controller’s main establishment, including...more
Each year, the CNIL selects key areas of high interest to concentrate its investigations and assess the compliance of select commercial sectors. On February 8, The CNIL announced its four main areas of focus for...more
The EDPB launched a website auditing tool to help legal and technical auditors at data protection authorities check whether websites are compliant with the law on 29 January 2024. Controllers and processors can also use the...more
The European Data Protection Board (EDPB) adopted a report on the challenges faced by Data Protection Officers (DPOs) (the Report) on 16 January 2024. This Report follows a coordinated investigation involving 25 EEA...more
FTC Announces Proposed Settlement with Data Aggregator over its Alleged Selling of Precise Location Data - The Federal Trade Commission (“FTC”), on January 18, 2024, announced a proposed settlement with InMarket Media...more
Article 5(3) of the EU ePrivacy Directive (ePD) requires consent for tracking cookies (unless exceptions apply). Although this rule is best known as the reason behind ‘cookie’ banners, it is technology neutral and applies to...more
The European Data Protection Board (EDPB), a board comprised primarily of representatives of the data protection supervisory authorities of the European Union’s member states, issued surprising new guidance in mid-November...more
A cookie is not just a cookie, according to the European Data Protection Board. It’s also similar technologies, and access and Internet of Things (IOT). Here are some key takeaways you need to know from the EDPB’s draft...more
On 14 November 2023, the European Data Protection Board (EDPB) adopted guidelines on the technical scope of Article 5(3) of the ePrivacy Directive (Directive 2002/58/EC, as amended) (ePD). This reflects the EDPB's intent to...more
Here are a few things to consider in a cross border complaint, according to the International Association of Privacy Professionals’ Data Protection Congress panel with Isabelle Vereecken of the European Data Protection Board,...more