General Data Protection Regulation (GDPR)

99098409_s
Thumbs down image. White dislike icon on blue background.

Ireland’s Data Protection Commission has fined Meta €1.2 billion.

What, however, did the commission say in the case about using Art 49 derogations for transfers to the U.S.?

An overview:

Continue Reading Ireland’s Data Protection Commission, Meta and Art 49 Derogations: An Overview
Flags of USA and European Union
The flags of the United States and European Union.

The European Parliament has voted against a U.S. adequacy decision under the proposed EU-U.S. Data Privacy Framework.

Why?

  • Bulk collection: The framework still allows for bulk collection of personal data
Continue Reading European Parliament Says No to Personal Data Transfers With US Under Current Rules
PUB_Privacy(4)_1202221816

Why is the new noyb action against websites and data brokers regarding cookie-based authentication important for compliance with the new U.S. privacy laws?

Because they set out to equivocally confirm

Continue Reading To Best Comply With US Privacy Laws, It Can Be Helpful to Look to Europe
Flags of USA and European Union
The flags of the United States and European Union.

The European Data Protection Board (EDPB) has issued a long-awaited opinion on the EU-US Data Privacy Framework.

Here are some key takeaways:

The Commercial Part:

  • The scope of the exemptions
Continue Reading EDPB Issues Opinion on the EU-US Data Privacy Framework: Key Takeaways

If you are a GDPR-compliant company, does that mean you can start doing business in the United States with no additional thoughts about privacy?

As Simon Cowell says: “It’s a

Continue Reading What Does the EU-US “Draftequacy” Decision Mean for Companies Right Now?
Flags of USA and European Union
The flags of the United States and European Union.

The European Data Protection Supervisor (EDPS) has submitted comments to FTC Rulemaking on commercial surveillance.

Here are some key takeaways.

IOT devices:

  • It is important that data from the Internet
Continue Reading What Did the EDPS Have to Say About FTC Rulemaking on Commercial Surveillance?
Flags of USA and European Union
The flags of the United States and European Union.

You need a data retention plan. No really.

And not just in the European Union. In California too.

Commission Nationale de l’Informatique et des Libertés (CNIL) has fined messaging platform

Continue Reading Make Sure You Have a Good Data Retention Plan. You Need It.
PUB_Privacy(4)_1202221816

For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.

That was a key facet of what I discussed last week on an anonymization panel during the IAPP

Continue Reading Deidentification vs Anonymization: What Is Enough?

Employers should have in place a process to delete former employees’ information – including public facing information and photos – to meet their retention limitation requirements, according to the Belgian

Continue Reading Caveat Employer? In the EU and California, Employers Must Beware!