Life with GDPR - Meta Fined €405 million by Irish Data Protection Commission
Article 5(3) of the EU ePrivacy Directive (ePD) requires consent for tracking cookies (unless exceptions apply). Although this rule is best known as the reason behind ‘cookie’ banners, it is technology neutral and applies to...more
A cookie is not just a cookie, according to the European Data Protection Board. It’s also similar technologies, and access and Internet of Things (IOT). Here are some key takeaways you need to know from the EDPB’s draft...more
On 14 November 2023, the European Data Protection Board (EDPB) adopted guidelines on the technical scope of Article 5(3) of the ePrivacy Directive (Directive 2002/58/EC, as amended) (ePD). This reflects the EDPB's intent to...more
Why is the new noyb action against websites and data brokers regarding cookie-based authentication important for compliance with the new U.S. privacy laws?...more
On 18 January 2023, the European Data Protection Board (the “EDPB”) announced the adoption of a report on the work undertaken by the Cookie Banner Task Force (the “Task Force”). The Task Force was formed in September 2021 for...more
When it comes to website privacy compliance, cookies have consistently presented the most fraught issues for U.S. businesses. This is especially true for those businesses that find themselves in a sometimes new or often...more
The European Data Protection Board (EDPB) adopted a draft report of the work undertaken by the Cookie Banner Taskforce (the Report). The Report describes how regulators apply cookie legislation in handling certain types of...more
Following a similar case from Austria, the French data protection authority recently concluded that certain use of cookies placed by US data analytics tools violated GDPR. The case came before the CNIL as the result of a...more
United Kingdom New Standard Contractual Clauses Submitted to Parliament - The United Kingdom has finalized its new International Data Transfer Agreement and Addendum to the new EU standard contractual clauses. Subject to...more
On 19 January 2022, the European Data Protection Board (EDPB) announced the outcomes of its plenary session that took place earlier this week. The EDPB adopted new guidelines that provide guidance on various aspects of data...more
The German Data Protection Conference (DSK) issued guidance on the Federal Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia (‘TTDSG’), which went into effect on December 1, 2021...more
This week the European Data Protection Board (EDPB), a body that represents European data protection authorities, set up a new cookie banner taskforce. The new taskforce will coordinate the response to over 400 complaints...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
On 10 February 2021, the Council of the European Union agreed on a mandate for negotiating the final text of the proposed ePrivacy Regulation (the draft ePrivacy Regulation) with the European Parliament and the European...more
“I worry that we are caught in a DPA (Data Protection Authority) beauty contest of who issues the bigger fine,” said Ireland Data Protection Commissioner Helen Dixon in her keynote for Daniel Solove’s Privacy+Security Academy...more
Following the French Administrative Supreme Court (Conseil d’État) dated 19 June 2020 (see our alert here), the French Supervisory (CNIL) published on 01 October 2020 its updated guidelines (the Guidelines), replacing its...more
Court’s decision struck down blanket prohibition on so-called “cookie walls” that prevent users from accessing a website or an application. France’s Highest Administrative Court (the Conseil d’Etat) issued a decision on 19...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the Seventh Circuit's ruling finding standing for an Illinois Biometric Information Privacy Act claim, the European Data Protection Board's updated...more
On May 4, 2020, the European Data Protection Board (EDPB) adopted two important revisions to its 33-page Guidelines on Consent (Guidelines) under the General Data Protection Regulation (GDPR). The Guidelines are highly...more
On May 4, 2020, the European Data Protection Board (EDPB) adopted updated guidelines on consent under the General Data Protection Regulation (GDPR), in Guidelines 05/2020. The Guidelines clarify existing guidance issued in...more
On May 4, 2020, the European Data Protection Board (‘EDPB’) adopted updated guidelines on the meaning of ‘consent’ under the EU’s General Data Protection Regulation (‘GDPR’)....more
The International Association of Privacy Professionals is holding its 2019 Europe Data Protection Conference in Brussels. Partner Odia Kagan, who is in attendance, shares some takeaways from day one of the event....more
EU Court Allows Class Action to Proceed, Sets Precedent for Future Data Breach Class Actions - A class action brought against Google will be allowed to move forward after the plaintiff’s appeal was permitted, allowing him to...more
On 1 October 2019, the Court of Justice of the European Union (CJEU) issued its long-awaited decision in the case Planet49 (Case C-673/17). The decision clarifies the requirements for valid cookie consent under Directive...more
Federal US News - FTC Takes Action Against Companies Falsely Claiming Compliance With International Privacy Agreements - The FTC reached a settlement with a background screening company over allegations it falsely claimed...more