General Privacy & Data Security News & Developments

“Privacy Commissioner of Canada Daniel Therrien believes the question about whether privacy legislation should be amended is in the past. It is no longer should the country’s privacy laws be amended, but what is the best way to do so, and with the announcement of the country’s Digital Charter, the commissioner said the federal government

Republican U.S. Sen. Josh Hawley plans to propose a bill that would let consumers block all websites from collecting unnecessary data.

The proposal would allow consumers to choose a single setting that opts out of all data collection “beyond what is indispensable to the companies’ online services.”

The bill would impose fines against companies of

  1. The French Data protection authority, CNIL, has issued a “Developer Kit” setting forth best practices for data protection.

Key takeaways:

  • Before using a development tool, especially for personal data, read the conditions of use.
  • If the data requires a maximum level of confidentiality, use tools with a local instance, rather than the cloud.
  • Conduct a

The Lithuanian data protection inspectorate issued a 61,500 EUR fine against a payment services provider for violations of the data minimization, adequate security measures and data breach reporting requirements of GDPR.

Key takeaways:

  • Data minimization:
    • Collect only the information you need. If you only need name, identification code, bank account number, currency, balance, purpose of

“C’est tres complique aujourd’hui de se declarer 100% conforme”

“In reality, it’s very complicated to declare in total and perfect conformity [with GDPR], be it today, in five or ten years, because it’s a continuous process. A company never really achieves 100% compliance, it works on it every day. It seeks to have compliance champions,

With the recent spate of class actions under Illinois’ Biometric Information Privacy Act (“BIPA”), courts are considering an array of litigation-related questions that such actions pose. One such issue recently was addressed in Liu v. Four Seasons Hotel, Ltd, 2019 Ill App (1st) 182645 (April 9, 2019), when the Four Seasons argued

The California Consumer Privacy Act “has galvanized the U.S. Congress to start thinking really hard about federal privacy legislation. We’ve encouraged them to do that,” said Federal Trade Commission Chairman Joe Simons.

Other key takeaways from Simons’ conversation with International Association of Privacy Professionals Chief Knowledge Officer Omer Tene:

  • Though not specifically commenting on any

“When it comes to tech in California, the balance is making sure we continue to have an environment that fosters creativity and innovation, while … fighting to have the proper amount of consumer protection and privacy that any of us … would want,” said Ian Calderon, California Assembly majority leader.

“The law may not be

A study shows that “92 percent of 36 mental health apps shared data with at least one third party — mostly services that help with marketing, advertising, or data analytics.”

“About half of those apps did not disclose that third-party data sharing, for a few different reasons: nine apps didn’t have a privacy policy at

Enforcement is coming – says CNIL, the French Data Protection Authority.

CNIL published its enforcement priorities for 2019. CNIL will no longer refrain from enforcing new obligations imposed by GDPR, but it will continue to exercise judgment in the choice of corrective measures and will not resort to fines every time. CNIL’s enforcement program will