If you are filing a data access request and it is clear that the intention is something other than finding out whether the processing of the data was lawful, the
Continue Reading Beware the Motive Behind a Data Access Request
The old saying went that “if you don’t want it on the front page of the newspaper, don’t put it in an email.” Well, if you don’t want to produce
Continue Reading If You Don’t Want It Released to an Employee, Don’t Put It in Your Employee Files
What can the California Privacy Protection Agency learn from the EU experience as it gets ready to draft regulations regarding DPIAs? Here is a recap of my remarks from the
Continue Reading What Can the California Privacy Protection Agency Learn From Europe?
What do obscenity and data minimization have in common?
As Justice Potter Stewart famously wrote in his concurring opinion to the U.S. Supreme Court’s decision in the 1964 free speech
Continue Reading What’s Data Minimization? As the Saying Goes, You’ll ‘Know It When (You) See It’
The European Union is gearing up to regulate AI, but what is the U.S. doing?
Continue Reading The EU Is Preparing for Artificial Intelligence. What About the US?
The Electronic Privacy Information Center (EPIC) has issued comments on the Non-Traditional and Emerging Transportation Technology (NETT) Council.
Here are some of the key recommendations:
Let’s say you are an EU company. You engage a processor. Data is processed in the EU. There is no transfer.
But in the processor-sub-processor data processing agreement, the data
Continue Reading Where Is a Transfer? Datatilsynet Says Almost Everywhere!
Datatilsynet Norway has issued a helpful guide on the data protection aspects of employee monitoring, which are helpful for GDPR, but also for California employers with CPRA bringing employee rights
Continue Reading What Employers Need to Know About Monitoring Employee E-Mail
The European Commission has issued a public call for evidence in connection with access to vehicle data, functions and resources pursuant to the proposal for the Data Act.
Here are
Continue Reading The EU Data Act and Automobiles: What You Need to Know
What can we learn about disclosures and how to draft privacy notices from the Sweden IMY decision? And why is it important for both GDPR companies and CPRA, CDPA, CPA
Continue Reading Clear & Concise and Everything Nice: What the IMY Decision Means for Your Privacy Notice