Key practice takeaways from the Kişisel Verileri Koruma Kurumu (KVKK) Turkey EUR 195,000 fine against WhatsApp (which echoes the Data Protection Commission Ireland decision in many respects):

  • Consent as a legal basis can only be used when it is obtained for a specific data processing. Agreement to terms, which include transfers to third parties and

The UK’s Information Commissioner’s Office (ICO) is taking on cookie banners.

The office will call on fellow G7 data protection and privacy authorities to work together to overhaul cookie consent pop-ups in favor of software and device privacy settings.

“Joined by the Organisation for Economic Co-operation and Development (OECD) and the World Economic Forum (WEF),

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint security advisory aimed at reminding businesses to be on guard over the Labor Day and other holiday weekends against cyberattacks.

History has shown threat actors often ramp up ransomware and other attacks over holidays when businesses let down their guard.

Nate

Ireland’s Data Protection Commission has imposed a fine of €225 million (more than $267 million) on WhatsApp, a popular messaging app owned by Facebook.

Here are some key takeaways for companies subject to GDPR:

Drafting privacy notice disclosures

  • When providing disclosures in your privacy notice, make them easy to understand. It is important to keep

On August 27, 2021, Illinois Governor JB Pritzker signed the Protecting Household Privacy Act into law. It goes into effect Jan. 1, 2022.

House Bill 2553 prohibits Illinois law enforcement agencies from obtaining household electronic data or direct the acquisition of household electronic data from a private third party.

This includes any information or input

Here is one more note on the UK Department for Digital, Culture, Media and Sport’s (DCMS) new international transfers initiative: The documents contain a template and a detailed questionnaire for assessing the adequacy of the destination third country in connection with data protection.

These are organized, thorough and very user-friendly documents that should even prove

Can consent be considered “freely given” if the alternative is to pay 10, 20 or 100 times the market price of your data to keep it to yourself?

That is what noyb.eu is asking in new complaints against seven major German and Austrian news websites.

It’s important to note that a somewhat similar test requiring

The Information Commissioner’s Office (‘ICO’) has issued new guidance for public consultation on cross-border transfers of personal data from the UK to third countries without an adequacy decision, replacing the old Standard Contractual Clauses (‘SCCs’) which are currently in use for such transfers.

The guidance has three documents:

  • Guidance on conducting Schrems transfer impact assessment