Top Stories

Ireland’s Data Protection Commission has fined Meta €1.2 billion.
What, however, did the commission say in the case about using Art 49 derogations for transfers to the U.S.?
An overview:
Derogations are permissible only where they: “first, are ‘provided for by law’, secondly, respect the ‘essence’ of that freedom and…
Continue Reading Ireland’s Data Protection Commission, Meta and Art 49 Derogations: An OverviewThe European Parliament has voted against a U.S. adequacy decision under the proposed EU-U.S. Data…
Continue Reading European Parliament Says No to Personal Data Transfers With US Under Current RulesThe use of artificial intelligence by a company can be a gamechanger. But it also…
Continue Reading How to Safely Use AI SoftwareThe White House wants to promote “Responsible AI Innovation that Protects Americans’ Rights and Safety.”…
Continue Reading Biden Administration Wants to Promote Responsible AI Innovation and Protect PeopleThe Latest
Why is the new noyb action against websites and data brokers regarding cookie-based authentication important for compliance with the new U.S. privacy laws?
Because they set out to equivocally confirm…
Continue Reading To Best Comply With US Privacy Laws, It Can Be Helpful to Look to EuropeThe European Data Protection Board (EDPB) has issued a long-awaited opinion on the EU-US Data Privacy Framework.
Here are some key takeaways:
The Commercial Part:
The scope of the exemptions…
Continue Reading EDPB Issues Opinion on the EU-US Data Privacy Framework: Key TakeawaysThere’s no mistake, we’re in a recessionary cycle. We can stay out of the politics and debate related to predicting the exact cause, effect, size, and timeline of the recession.
Continue Reading The Impact of Recession on Cybersecurity Programs: Beware of the Trap GameIf you are a GDPR-compliant company, does that mean you can start doing business in the United States with no additional thoughts about privacy?
As Simon Cowell says: “It’s a…
Continue Reading What Does the EU-US “Draftequacy” Decision Mean for Companies Right Now?The European Data Protection Supervisor (EDPS) has submitted comments to FTC Rulemaking on commercial surveillance.
Here are some key takeaways.
IOT devices:
It is important that data from the Internet…
Continue Reading What Did the EDPS Have to Say About FTC Rulemaking on Commercial Surveillance?You need a data retention plan. No really.
And not just in the European Union. In California too.
Commission Nationale de l’Informatique et des Libertés (CNIL) has fined messaging platform…
Continue Reading Make Sure You Have a Good Data Retention Plan. You Need It.For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.
That was a key facet of what I discussed last week on an anonymization panel during the IAPP…
Continue Reading Deidentification vs Anonymization: What Is Enough?Employers should have in place a process to delete former employees’ information – including public facing information and photos – to meet their retention limitation requirements, according to the Belgian…
Continue Reading Caveat Employer? In the EU and California, Employers Must Beware!President Biden’s Executive Order Is a Big Step Forward, but Will There Be Two Steps Back?
President Joe Biden’s executive order on EU-U.S. data privacy is a “huge step” towards resolving the ongoing data transfer crisis.
It imposes limits on the collection and processing of information…
Continue Reading President Biden’s Executive Order Is a Big Step Forward, but Will There Be Two Steps Back?