A new study has found only 11.8% of the most popular Consent Management Platforms (CMPs) used on UK websites meet the minimal requirements under GDPR and Europe’s eDirective regulations regarding cookies and consent.

The researchers’ scraper was used to determine whether a consent form met GDPR and eDirective requirements.

The rules say consent must be

“Adequacy” seems to be the hardest word.

On the brink of Brexit and the UK becoming a “third country” without a so called “adequacy” status for the cross border transfer of personal data from the European Union — Could California have its own Privacy Shield arrangement separate from the rest of the U.S.?

This question

Wherefore art thou GDPR?

Some EU supervisory authorities are voicing dissatisfaction with enforcement of GDPR to date.

“After nearly one and a half years we must concede that we have a huge problem with the enforcement of cross border processing especially by globally acting companies,” says a spokesperson for the Hamburg data protection authority authority,

French Data Protection Authority CNIL has weighed in on CCTV surveillance in schools.

CNIL received 25 complaints regarding systematic surveillance of students throughout their day, whether during their recess, during their lunch in the canteen or even during their class time. These cameras also made it possible to film almost constantly a part of the

The United Kingdom’s Information Commissioner’s Office has issued for public consultation a  draft guidance on the Right of Access under the General Data Protection Regulation (GDPR).

Read my detailed analysis for key takeaways on how to handle the access request, and how to structure your systems to ensure that one does not fall between the

“Perhaps the more urgent need is to share ideas, instead of rushing to share people’s data,” writes European Data Protection Supervisor Wojciech Wiewiórowski.

“More than ever, there is a need to illuminate new paths for rewarding more sustainable business models that do not rely on the ubiquitous and constant tracking of human behaviour and relationships,

The Belgian data protection authority has published for public consultation its priorities for 2019-2025.

They are divided into three main categories:

Priorities by sector

  • Telecommunication and media
  • Government
  • Direct Marketing
  • Education

Priorities focused on the themes of the AVG (General Data Protection Regulation)

  • Role of the Data Protection Officer or “DPO”
  • Legitimacy of processing
  • Citizens’

In a statement of its priorities over the next year, French data privacy regulator CNIL emphasizes the importance of a balanced approach to data protection regulation.

Key Takeaways:

The CNIL’s enforcement actions have gained added momentum with enactment of the GDPR, and the CNIL must commit itself fully in this respect.

“At the same time,

How compliant is that cookie in the window?

The Dutch Data Protection Authority (AP) carried out a check on approximately 175 websites of web shops, municipalities and media, among other things, to determine whether they met the requirements for placing tracking cookies.

Almost half of the websites that use tracking cookies did not meet the

If at first you GDPR, CCPA, CCPA again.

A new CCPA fact sheet published by the California Attorney General provides a concise summary of the law and sets forth some steps that entities subject to GDPR may need to take to comply with CCPA.

This includes:

  • Additional data mapping to reflect the different requirements under