European Union

If you are a GDPR-compliant company, does that mean you can start doing business in the United States with no additional thoughts about privacy?

As Simon Cowell says: “It’s a

Continue Reading What Does the EU-US “Draftequacy” Decision Mean for Companies Right Now?

The European Data Protection Supervisor (EDPS) has submitted comments to FTC Rulemaking on commercial surveillance.

Here are some key takeaways.

IOT devices:

  • It is important that data from the Internet
Continue Reading What Did the EDPS Have to Say About FTC Rulemaking on Commercial Surveillance?

You need a data retention plan. No really.

And not just in the European Union. In California too.

Commission Nationale de l’Informatique et des Libertés (CNIL) has fined messaging platform

Continue Reading Make Sure You Have a Good Data Retention Plan. You Need It.

For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.

That was a key facet of what I discussed last week on an anonymization panel during the IAPP

Continue Reading Deidentification vs Anonymization: What Is Enough?

Employers should have in place a process to delete former employees’ information – including public facing information and photos – to meet their retention limitation requirements, according to the Belgian

Continue Reading Caveat Employer? In the EU and California, Employers Must Beware!

President Joe Biden’s executive order on EU-U.S. data privacy is a “huge step” towards resolving the ongoing data transfer crisis.

It imposes limits on the collection and processing of information

Continue Reading President Biden’s Executive Order Is a Big Step Forward, but Will There Be Two Steps Back?

While speaking recently at the Nordic Privacy Arena in Sweden, I offered Nordic companies seven things they should think about when doing business in the United States.

For your reading

Continue Reading 7 Things Nordic Companies Should Think About When Doing Business in the US

I was lucky enough to give the keynote this week at the InfoGov World conference in San Diego.

Between panels and speeches, I came up with these seven hot topics

Continue Reading Data Protection Professionals Like it Hot: 7 Hot Topics and Trends in Data Privacy Today

Does vehicle service data for services performed on a vehicle while owned by a previous owner belong to the new owner and need to be provided as part of a

Continue Reading Does Vehicle Service Data “Relate to an Identifiable Individual?” Finland DPA Says It’s Complicated