U.S. companies thinking about falling back on “disproportionate” effort for access requests under the new U.S. privacy laws because they require compiling too many documents should think again.
The Berlin
European Union
A Helpful Guide on Data Processing Consent
The Office of the Data Protection Authority of the Bailiwick of Guernsey has issued concise guide on the definition of consent.
This is helpful not only for GDPR, but…
Continue Reading A Helpful Guide on Data Processing ConsentAre Test Answers Personal Data?
Are test questions and answers personal data that needs to be provided pursuant to an access request?
A German court recently weighed in, providing some good insight regarding both…
Continue Reading Are Test Answers Personal Data?Information Commissioner’s Office Issues Guidance on How to Keep Employment Records: What You Need to Know
The United Kingdom’s Information Commissioner’s Office recently issued guidance on how to keep employment records.
This is good advise for employers beyond Europe (and particularly in California). The data…
Continue Reading Information Commissioner’s Office Issues Guidance on How to Keep Employment Records: What You Need to KnowA Cookie Is Not Just a Cookie: EDPB Issues Draft Guidelines on Art 5(3) ePrivacy Directive
A cookie is not just a cookie, according to the European Data Protection Board. It’s also similar technologies, and access and Internet of Things (IOT).
Here are some key takeaways…
Continue Reading A Cookie Is Not Just a Cookie: EDPB Issues Draft Guidelines on Art 5(3) ePrivacy DirectiveCross Border Complaints: What You Need to Consider
Here are a few things to consider in a cross border complaint, according to the International Association of Privacy Professionals’ Data Protection Congress panel with Isabelle Vereecken of the European…
Continue Reading Cross Border Complaints: What You Need to ConsiderWhat Can Estonia’s Short Term Vehicle Rental Sweep Teach Us About California?
Providers in the mobility space take note.
The Estonian Data Protection Inspectorate, Andmekaitse Inspektsioon, conducted a short term vehicle rental sweep that could be important in light of a declared…
Continue Reading What Can Estonia’s Short Term Vehicle Rental Sweep Teach Us About California?Ireland’s Data Protection Commission, Meta and Art 49 Derogations: An Overview
Ireland’s Data Protection Commission has fined Meta €1.2 billion.
What, however, did the commission say in the case about using Art 49 derogations for transfers to the U.S.?
An overview:…
Continue Reading Ireland’s Data Protection Commission, Meta and Art 49 Derogations: An OverviewEuropean Parliament Says No to Personal Data Transfers With US Under Current Rules
The European Parliament has voted against a U.S. adequacy decision under the proposed EU-U.S. Data Privacy Framework.
Why?
- Bulk collection: The framework still allows for bulk collection of personal data
GDPR After 5 Years: Where Does the Regulation Stand?
The GDPR journey has not been wonderful.
NOYB has 800 cases out and the enforcement process is difficult because procedural law is different in different countries.
This wasn’t what we…
Continue Reading GDPR After 5 Years: Where Does the Regulation Stand?