News & Analysis as of

General Data Protection Regulation (GDPR) Personal Data Data Breach

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
Constangy, Brooks, Smith & Prophete, LLP

Chile brings its data privacy laws in line with global data privacy standards

Constangy, Brooks, Smith & Prophete, LLP on

Chile has amended its data privacy law granting significant rights to data subjects, and imposing stricter obligations on data controllers and processors. Published in the Official Gazette (Diario Oficial) on December 13,...more

A&O Shearman

Polish supervisory authority publishes updated guide on personal data protection breaches

A&O Shearman on

On February 20, 2025, the Polish Personal Data Protection Office (UODO) published an updated version of the guide on personal data protection breaches. The first edition was released in 2018. The latest version...more

Sheppard Mullin Richter & Hampton LLP

Don’t Forget the EU: Italy Issued First GenAI Fine of €15 Million Alleging GDPR Violations 

Sheppard Mullin Richter & Hampton LLP on

At the end of 2024 the Italian Data Protection Authority issued a 15 million euro fine in the first generative AI-related case brought under GDPR. According to Garante (the Italian authority), OpenAI trained ChatGPT with...more

DLA Piper

EU: DLA Piper GDPR Fines and Data Breach Survey: January 2025

DLA Piper on

The seventh annual edition of DLA Piper’s GDPR Fines and Data Breach Survey has revealed another significant year in data privacy enforcement, with an aggregate total of EUR1.2 billion (USD1.26 billion/GBP996 million) in...more

Jackson Lewis P.C.

Israel’s GDPR-like Legislation Set to Take Effect in 2025

Jackson Lewis P.C. on

In 2024, Israel became the latest jurisdiction to enact comprehensive privacy legislation, largely inspired by the EU’s General Data Protection Regulation (“GDPR”). On August 5, 2024, Israel’s parliament, the Knesset, voted...more

A&O Shearman

English Court reviews the ICOs first GDPR fine (again)

A&O Shearman on

In December 2019, the UK Information Commissioner’s Office (ICO) imposed a fine of £275,000 on Doorstep Dispensaree Limited (DDL) for multiple contraventions of the GDPR. On December 9 2024, five years on and three judgments...more

DLA Piper

Germany: Update: Judgment on Non-Material Damages for Loss of Control Over Personal Data

DLA Piper on

In its judgement of November 18, 2024 (case number VI ZR 10/24) the German Federal Court of Justice (Bundesgerichtshof – “BGH”) clarified key legal issues regarding claims for damages under Article 82 GDPR in the event of a...more

Osano

Privacy by Design: Understanding and Implementing the Framework

Osano on

As of this writing, the CAM4 security incident remains the largest data breach in history. The attack on the website exposed nearly 11 billion records, including users' names, email addresses, sexual orientations, chat...more

DLA Piper

Germany: Judgment on Non-Material Damages for Loss of Control Over Personal Data

DLA Piper on

On November 18, 2024, the German Federal Court of Justice (Bundesgerichtshof – “BGH”) made a (to date unpublished) judgment under the case number VI ZR 10/24 regarding claims for non-material damages pursuant to Art. 82 GDPR,...more

Pillsbury - Consumer Protection Dispatch

GDPR Enforcement: Lessons from Recent Data Privacy Penalties

Pillsbury - Consumer Protection Dispatch on

Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

International Data Transfers Remain Under EU and UK Regulatory Scrutiny

Ogletree, Deakins, Nash, Smoak & Stewart,... on

Organisations that make international transfers of personal data have undergone significant challenges and changes over the last few years. With the invalidation of the Privacy Shield agreement in 2020 and the introduction of...more

Ius Laboris

Massive fine for Uber of EUR 290 million

Ius Laboris on

On 26 August the Dutch Data Protection Authority (DPA) fined Uber EUR 290 million for a breach of the General Data Protection Regulation (GDPR). Following a number of complaints from French Uber drivers, the DPA found that...more

Alston & Bird

Dutch Data Protection Authority Warns that Using AI Chatbots Can Lead to Personal Data Breaches

Alston & Bird on

On August 6th, the Dutch Data Protection Authority (DPA) issued guidance cautioning companies about the potential data protection risks associated with the use of Artificial Intelligence (AI)-powered chatbots....more

A&O Shearman

UK - When is a data protection claim not a data protection claim?

A&O Shearman on

In a recent case, Pacini & Anor v Dow Jones & Company Inc., the publisher of the Wall Street Journal unsuccessfully applied to strike out a data protection claim concerning two historic articles....more

Osano

Will the U.S. Have a GDPR? With Rachael Ormiston of Osano

Osano on

In this episode of The Privacy Insider Podcast, host Arlo Gilbert is joined by Rachael Ormiston, Head of Privacy at Osano, to dive into the complex world of U.S. privacy regulations. How does the U.S. view privacy differently...more

Mayer Brown

EDPB Provides Guidance On Determining A 'Main Establishment' And The 'One-Stop-Shop' Mechanism

Mayer Brown on

The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more

Robinson+Cole Data Privacy + Security Insider

Italian Data Protection Authority Alleges Breaches of GDPR by ChatGPT Platform

Robinson+Cole Data Privacy + Security Insider on

On January 29, 2024, the Italian Data Protection Authority (Garante) notified OpenAI of breaches of data protection laws involving its ChatGPT platform....more

Benesch

Privacy Points 2024: Recap and What to Watch For in 2024

Benesch on

Last year proved to be a big year in data protection with U.S. state data protection laws popping up across the country, the FTC updating its guidance and regulations on everything from data breaches and biometric...more

Alston & Bird

Are You Using EU Standard Contractual Clauses for Data Transfers? Be Aware of these Breach Notification Requirements

Alston & Bird on

It has become common knowledge that the General Data Protection Regulation (2016/679) (GDPR) heavily restricts transfers of personal data outside of the European Union (EU). In the absence of an adequacy decision by the...more

Sheppard Mullin Richter & Hampton LLP

CNIL Fines Canal+ Over Marketing and Data Security Concerns

Sheppard Mullin Richter & Hampton LLP on

The French Data Protection Authority announced a €600,000 fine against Groupe Canal+ over concerns with the media company’s direct marketing activities. According to the CNIL, the company sent users email marketing without...more

Akin Gump Strauss Hauer & Feld LLP

Kingdom of Saudi Arabia’s New Personal Data Protection Law and Implementing Regulations—Key Obligations, Responsibilities and...

Akin Gump Strauss Hauer & Feld LLP on

On September 7, 2023, the Saudi Authority for Data and Artificial Intelligence (SDAIA) issued the Implementing Regulations of the Personal Data Protection Law (the Implementing Regulations) and the Regulations on Personal...more

Osano

GDPR Compliance Checklist: 8 Steps You Need to Complete

Osano on

GDPR compliance can be tricky. Even if you summon the willpower to read through the law’s text, it can be tough to know where to start. As an alternative to pouring through the GDPR’s legalese, one way to establish a...more

Thomas Fox - Compliance Evangelist

The Importance of Effective Policies and Training in Data Protection: Lessons from a Scottish Hospital Breach

Thomas Fox - Compliance Evangelist on

I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more

Lowenstein Sandler LLP

State Data Protection Laws: What You Need To Know As States Ramp Up Enforcement

Lowenstein Sandler LLP on

Congress has repeatedly failed to pass comprehensive national data protection legislation, and the states are rapidly filling the void with laws that impose different requirements on a state-by-state basis. Most of these...more

A&O Shearman

How has GDPR influenced the evolution of data protection in APAC?

A&O Shearman on

International data protection law has taken a lead from the lessons learned in Europe since the introduction of GDPR. What influence have they had in APAC?...more

242 Results
 / 
View per page
Page: of 10
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide