Life With GDPR: Cathay Pacific Enforcement Action
Life With GDPR: Episode 30- British Airways Data Breach Enforcement Action
E18: ICANN Loses First GDPR Court Ruling in Germany
FTC Announces Proposed Settlement with Data Aggregator over its Alleged Selling of Precise Location Data - The Federal Trade Commission (“FTC”), on January 18, 2024, announced a proposed settlement with InMarket Media...more
The updated reform legislation provides welcome guidance and clarifications on aspects such as legitimate interests and accountability, without substantially shifting the approach proposed under the existing reform bill. ...more
On 18 January 2023, the European Data Protection Board (the “EDPB”) announced the adoption of a report on the work undertaken by the Cookie Banner Task Force (the “Task Force”). The Task Force was formed in September 2021 for...more
The European Data Protection Board (EDPB) adopted a draft report of the work undertaken by the Cookie Banner Taskforce (the Report). The Report describes how regulators apply cookie legislation in handling certain types of...more
Hailed as an alternative approach to the EDPB’s transfer impact assessment, the ICO, with its updated international transfer guidance and its new TRA tool, aims to empower innovation and growth whilst protecting personal...more
Areas of interest include anonymisation, “recognised legitimate interests”, and the ICO’s role. The UK Data Protection and Digital Information Bill (the Bill) sets out the government’s proposals for reforming the current...more
Data subject access requests (DSARs) are a cornerstone of the data protection regime, being fundamental in helping individuals to exercise their rights. If individuals do not know what information an organisation has about...more
Colorado Attorney General Seeks Rulemaking Comments for the Colorado Privacy Act - With the Notice of Proposed Rulemaking set for fall 2022, Colorado’s Attorney General office is currently inviting preliminary comments for...more
The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reins on how the New SCCs cover data transfers and what companies need to do to take advantage...more
Companies have three months to prepare to use the latest standard contractual clauses for new data transfers, and 18 months to migrate existing arrangements. On 4 June 2021, the European Commission released its...more
California Can Enforce Net Neutrality Law After Court Victory - California’s net neutrality law bars internet service providers from prioritizing, blocking, slowing down, or speeding up internet content. California’s law...more
13 January 2021 – EU supervisory authorities response to UK cross-border transfers - Following the finalisation of the TCA, a number of supervisory authorities in the EU issued statements in response. In addition, on 13...more
On December 31, 2020, the Brexit transition period ended and the United Kingdom’s (UK) domestic implementation of the GDPR, the UK Data Protection Act 2018, as amended (UK GDPR), now governs the processing of personal data in...more
United States - Regulatory—Policy, Best Practices, and Standard - NIST Unveils Draft Guidance to Protect Critical Infrastructure - On October 22, 2020, the National Institute of Standards and Technology ("NIST")...more
The UK’s Information Commissioner Office’s has issued a revised statement on the Schrems II. “Further work is underway by the European Commission and EDPB to provide more comprehensive guidance on extra measures you may...more
The Information Commissioner's Office (ICO) has issued a statement confirming that data protection will not stop the need for businesses to share information quickly, or adapt the way they work to face the unprecedented...more
As highlighted by our new Privacy 2040 initiative, there have never been more opportunities to shape the existing and future privacy and cybersecurity legal framework. ...more
“Business as usual” for UK-EU data protection transition in 2020. On 29 January 2020, the EU Parliament approved the UK Withdrawal Agreement after the UK Parliament’s ratification via the EU Withdrawal Act 2020 on 23 January...more
The United Kingdom is no longer a member of the European Union and has entered into a transition period until December 31 2020, unless an extension of 1 or 2 years is agreed by July 1 2020 (the Brexit Long Stop Date). ...more
Now that Exit Day on 31st January is drawing close attention is focussing on what will happen during the transition period that will run from 31St January until the end of the year. ...more
We are now over a year on from the major changes made to the European data protection regime by the GDPR so it is time to revisit what the changes mean now for the hospitality sector and investment in it, given increased...more
On June 28, 2019, the French Data Protection Authority (CNIL) released its 2019-2020 action plan on ad targeting (action plan); among other things, the CNIL announced that it will issue new cookie guidance later this month...more
Adoption of the ePrivacy Regulation - Introduced in 2017, and originally slated to go into effect with the GDPR (on May 25, 2018), it now appears the ePrivacy Regulation will not be implemented before late 2021....more
Companies should identify data flows, implement a data transfer solution, and update internal documents and privacy notices. Since our blog on “What a “No Deal” Brexit Means for UK Data Privacy”, the European Data...more