Odia Kagan

Follow:

Beware the Motive Behind a Data Access Request

By Odia Kagan on May 19, 2022

If you are filing a data access request and it is clear that the intention is something other than finding out whether the processing of the data was lawful, the…
Continue Reading Beware the Motive Behind a Data Access Request

If You Don’t Want It Released to an Employee, Don’t Put It in Your Employee Files

By Odia Kagan on May 12, 2022

The old saying went that “if you don’t want it on the front page of the newspaper, don’t put it in an email.” Well, if you don’t want to produce…
Continue Reading If You Don’t Want It Released to an Employee, Don’t Put It in Your Employee Files

What Can the California Privacy Protection Agency Learn From Europe?

By Odia Kagan on May 9, 2022

What can the California Privacy Protection Agency learn from the EU experience as it gets ready to draft regulations regarding DPIAs? Here is a recap of my remarks from the…
Continue Reading What Can the California Privacy Protection Agency Learn From Europe?

What’s Data Minimization? As the Saying Goes, You’ll ‘Know It When (You) See It’

By Odia Kagan on April 29, 2022

What do obscenity and data minimization have in common?

As Justice Potter Stewart famously wrote in his concurring opinion to the U.S. Supreme Court’s decision in the 1964 free speech…
Continue Reading What’s Data Minimization? As the Saying Goes, You’ll ‘Know It When (You) See It’

The EU Is Preparing for Artificial Intelligence. What About the US?

By Odia Kagan on April 25, 2022

The European Union is gearing up to regulate AI, but what is the U.S. doing?

There are new Federal algorithmic transparency bills being filed:
- The Algorithmic Accountability Act of 2022,

…
Continue Reading The EU Is Preparing for Artificial Intelligence. What About the US?

Some EPIC Thoughts on the Non-Traditional and Emerging Transportation Technology (NETT) Council

By Odia Kagan on April 21, 2022

The Electronic Privacy Information Center (EPIC) has issued comments on the Non-Traditional and Emerging Transportation Technology (NETT) Council.

Here are some of the key recommendations:

Public transit systems should use

…
Continue Reading Some EPIC Thoughts on the Non-Traditional and Emerging Transportation Technology (NETT) Council

Where Is a Transfer? Datatilsynet Says Almost Everywhere!

By Odia Kagan on April 15, 2022

Flags of USA and European Union — The flags of the United States and European Union.

Let’s say you are an EU company. You engage a processor. Data is processed in the EU. There is no transfer.

But in the processor-sub-processor data processing agreement, the data…
Continue Reading Where Is a Transfer? Datatilsynet Says Almost Everywhere!

What Employers Need to Know About Monitoring Employee E-Mail

By Odia Kagan on April 6, 2022

Datatilsynet Norway has issued a helpful guide on the data protection aspects of employee monitoring, which are helpful for GDPR, but also for California employers with CPRA bringing employee rights…
Continue Reading What Employers Need to Know About Monitoring Employee E-Mail

The EU Data Act and Automobiles: What You Need to Know

By Odia Kagan on April 1, 2022

The European Commission has issued a public call for evidence in connection with access to vehicle data, functions and resources pursuant to the proposal for the Data Act.

Here are…
Continue Reading The EU Data Act and Automobiles: What You Need to Know

Clear & Concise and Everything Nice: What the IMY Decision Means for Your Privacy Notice

By Odia Kagan on March 31, 2022

What can we learn about disclosures and how to draft privacy notices from the Sweden IMY decision? And why is it important for both GDPR companies and CPRA, CDPA, CPA…
Continue Reading Clear & Concise and Everything Nice: What the IMY Decision Means for Your Privacy Notice

menu

Privacy Compliance & Data Security