The Commission Nationale de l’Informatique et des Libertés in France recently took action against misleading cookie banners as subverting true consent.
This is not a new issue, though, with the
California Consumer Privacy Act
What Is Happening in Privacy Law?
Here are eight recent developments in privacy law you should consider as you get ready for the holidays.
Don’t Lie on Your AI
- The U.S. Federal Trade Commission recently issued
Employees Are People Too — And Not Just in California
I recently had the pleasure of speaking with the Atlantic County Bar Association. Here are some of the key takeaways from my presentation:
Employees are “consumers” under the California Consumer…
Continue Reading Employees Are People Too — And Not Just in CaliforniaCPPA and Data Brokers: What You Need to Know
The California Privacy Protection Agency is going after data brokers.
The CPPA board voted earlier this month to adopt new regulations regarding data broker registration requirements. If approved, the regulations…
Continue Reading CPPA and Data Brokers: What You Need to KnowUS Privacy Laws and Legislation: What You Need to Know
“The times they are a-changin’,” Bob Dylan sang almost 60 years ago. And when it comes to consumers’ reasonable expectations of privacy, they are still a-changin.
I recently participated in…
Continue Reading US Privacy Laws and Legislation: What You Need to KnowCPPA Issues Final Statement of Reasons for Amended CCPA Regulations
The California Privacy Protection Agency (CPPA) has issued a Final Statement of Reasons for amended California Consumer Privacy (CCPA) regulations.
Key Points:
The amendments were “necessary” (used 135 times), just…
Continue Reading CPPA Issues Final Statement of Reasons for Amended CCPA RegulationsWhat Does the EU-US “Draftequacy” Decision Mean for Companies Right Now?
If you are a GDPR-compliant company, does that mean you can start doing business in the United States with no additional thoughts about privacy?
As Simon Cowell says: “It’s a…
Continue Reading What Does the EU-US “Draftequacy” Decision Mean for Companies Right Now?Deidentification vs Anonymization: What Is Enough?
For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.
That was a key facet of what I discussed last week on an anonymization panel during the IAPP…
Continue Reading Deidentification vs Anonymization: What Is Enough?Caveat Employer? In the EU and California, Employers Must Beware!
Employers should have in place a process to delete former employees’ information – including public facing information and photos – to meet their retention limitation requirements, according to the Belgian…
Continue Reading Caveat Employer? In the EU and California, Employers Must Beware!Is Everything Sensitive Data?
After the recent Court of Justice of the European Union decision on sensitive inferences that can be drawn from the name of your spouse, it is fair to ask: Is…
Continue Reading Is Everything Sensitive Data?