Does vehicle service data for services performed on a vehicle while owned by a previous owner belong to the new owner and need to be provided as part of a
Continue Reading Does Vehicle Service Data “Relate to an Identifiable Individual?” Finland DPA Says It’s Complicated
During a recent webinar hosted by The Chicago Bar Association, some other panelists and I made some predictions about the future of data privacy.
What is on the horizon?
California Attorney General Rob Bonta has issued statement about protecting health data in mobile apps in view of the upcoming SCOTUS decision in Dobbs. In the process, he also signaled
Continue Reading Keep Your Health Data Secure. And Your App-Hosted Health Data Securer.
The old saying went that “if you don’t want it on the front page of the newspaper, don’t put it in an email.” Well, if you don’t want to produce
Continue Reading If You Don’t Want It Released to an Employee, Don’t Put It in Your Employee Files
Let’s say you are an EU company. You engage a processor. Data is processed in the EU. There is no transfer.
But in the processor-sub-processor data processing agreement, the data
Continue Reading Where Is a Transfer? Datatilsynet Says Almost Everywhere!
Datatilsynet Norway has issued a helpful guide on the data protection aspects of employee monitoring, which are helpful for GDPR, but also for California employers with CPRA bringing employee rights
Continue Reading What Employers Need to Know About Monitoring Employee E-Mail
What can we learn about disclosures and how to draft privacy notices from the Sweden IMY decision? And why is it important for both GDPR companies and CPRA, CDPA, CPA
Continue Reading Clear & Concise and Everything Nice: What the IMY Decision Means for Your Privacy Notice
Here are five things you should know about Google Analytics, transfers and Schrems II.
1. Down to Middle Earth We Go
Brush up on your J.R.R. Tolkien because Datatilsynet in
Continue Reading 5 Things to Know About Google Analytics, Transfers and Schrems II
The United Kingdom’s Information Commissioner’s Office has issued draft guidance regarding governance and anonymization.
What does it mean for GDPR and for the host of new US Privacy laws, including
Continue Reading Anonymization Governance: Why It’s Important for GDPR and for CPRA
Many EU companies have their own ideas on what US Privacy laws mean for the, Here are three of the more common myths out there, busted.
I don’t
Continue Reading Busted: Three Myths EU Companies Have About US Privacy laws