Data Protection Report

JUNE 6, 2023

Whilst a significant part of the MPN is focussed on TikTok’s non compliance with the rules around processing children’s personal data, the MPN also clarifies how the ICO interprets the requirements in Article 13 of the UK GDPR more generally. Where a generic email address (e.g.

Privacy 97

Privacy GDPR Personal data Compliance 97

Data Protection Report

SEPTEMBER 11, 2024

The Dutch data protection authority, the Autoriteit Persoonsgegevens (AP) announced a fine of €290 million on Uber Technologies Inc. The fine relates to the transfer of drivers’ personal data to the US. Did transfers of personal data to the US take place? However, driver personal data is stored by UTI.

GDPR 92

GDPR Personal data Compliance Artificial Intelligence 92

Hunton Privacy

OCTOBER 24, 2022

On October 17, 2022, the French Data Protection Authority (the “CNIL”) imposed a €20 million fine on Clearview AI for unlawful use of facial recognition technology. Under the EU General Data Protection (the “GDPR”), biometric data qualifies as sensitive personal data and the processing thereof requires additional protection.

Data collection 72

Data collection Personal data GDPR Marketing 72

Security Affairs

APRIL 28, 2023

In early April, the Italian Data Protection Authority, c, temporarily banned ChatGPT due to the illegal collection of personal data and the absence of systems for verifying the age of minors. The Authority pointed out that OpenAI does not alert users that it is collecting their data.

Personal data 92

Personal data Privacy Access Education 92

DLA Piper Privacy Matters

AUGUST 8, 2022

On 26 May 2022, the TC260 released the Draft Requirements on Privacy Agreements for Internet Platforms, Products and Services (“ Draft Requirements ”) for public consultation. Personal Information Collection List : a list setting out the types of personal data collected or processed by services and business functions.

Privacy 94

Privacy Personal data Data collection Access 94

DLA Piper Privacy Matters

AUGUST 3, 2020

The amended APPI could have a significant impact on companies that handle personal information. Under the current APPI, data subjects have the right to request access, correction, deletion and cessation of the use of their personal data that is or is intended to be retained for six months or more (the “ Rights of Data Subjects “).

Personal data 122

Personal data Data breaches Compliance Risk 122

DLA Piper Privacy Matters

DECEMBER 3, 2021

45 of 2021 on the Protection of Personal Data Protection (“ PDPL ”), which was issued on 26 September 2021. Reassuringly, the PDPL does not contain any major divergences from other well-known data protection regimes, including the GDPR. What does the PDPL cover and who does it apply to? Definitions. Territoriality. Exceptions.

Personal data 105

Personal data Data breaches GDPR Compliance 105

DLA Piper Privacy Matters

OCTOBER 7, 2021

The Middle East’s data protection regulatory landscape is complex, and continues to develop with Saudi Arabia’s ( KSA ) newly published Personal Data Protection Law ( PDPL ). While the PDPL contains the main features of a modern data protection law, it cannot be considered a direct analogue of the GDPR.

Personal data 96

Personal data Compliance Computer and Electronics IoT 96

ARMA International

APRIL 18, 2022

Introduction to Data Protection Laws. Data protection laws, regulations, and rules control the collection, use, transfer, and storage of personal and sensitive information. Personal data protection requirements may be issued by federal, state (provincial), or local governments.

Personal data 100

Personal data GDPR Privacy Records Management 100

Hunton Privacy

FEBRUARY 3, 2022

The Belgian DPA rejected this argument and found that IAB Europe acts as a data controller with respect to the TCF and therefore can be held responsible for violations of the GDPR. The Belgian DPA found that IAB Europe does not have a legal basis for the processing of personal data through the TCF.

GDPR 111

GDPR Personal data Marketing IT 111

Data Protection Report

FEBRUARY 11, 2022

On 2 February 2022, the Belgian Data Protection Authority (the BDPA ) fined IAB Europe for various infringements in relation to the IAB Transparency and Consent Framework. Since then, the Belgian Data Protection Authority ( BDPA ) has taken on the lead role of investigating the TCF’s conformity with the GDPR. Background.

GDPR 90

GDPR IT Personal data Compliance 90

DLA Piper Privacy Matters

JULY 1, 2022

The China draft SCCs have been published, but may not provide the easy approach to cross border transfers of Mainland China personal data we have hoped to. the impacts of the data privacy laws and regulations of the destination country on the SCC; data subject rights, approaches to exercise such rights; and.

GDPR 97

GDPR Data Privacy Personal data Privacy 97

DLA Piper Privacy Matters

AUGUST 3, 2021

With this clause, the SCCs formalize the EDPB’s recommendation to perform a data transfer assessment before transferring personal data to a third country that does not provide for an adequate level of protection. The assessment must be documented and provided to the competent supervisory authority on request.

IT 119

IT Personal data Compliance Risk 119

DLA Piper Privacy Matters

APRIL 25, 2023

15(3) GDPR must be interpreted as requiring a data controller to provide the data subject with a copy of his or her personal data, even where the data subject requests the copy for purposes unrelated to data protection. The German Federal Court of Justice, in its decision of 29 March 2022 (Case No.

Access 52

Access GDPR Personal data IT 52

Hunton Privacy

FEBRUARY 2, 2022

On January 28, 2022, in celebration of Data Privacy Day, the Colorado Attorney General’s Office issued prepared remarks from Colorado Attorney General Phil Weiser and published guidance on data security best practices. Lastly, it will examine the degree to which the company vets and monitors its vendors’ data security practices.

Privacy 102

Privacy Security Data breaches Ransomware 102

Data Matters

JANUARY 28, 2022

Create, Maintain, and Exercise a Cyber Incident Response, Resilience, and Continuity of Operations Plan. While the Advisory only urges the adoption of comprehensive cybersecurity programs, an increasing number of states have begun to mandate such cybersecurity programs – especially if the organization possesses personal data.

Cybersecurity 155

Cybersecurity Financial Services Authentication Government 155

DLA Piper Privacy Matters

MAY 23, 2023

For Meta, the decision has resulted in a record administrative fine of €1.2bn, an order to suspend further transfers of EEA personal data to the US within five months, and an order to cease all unlawful processing of EEA personal data transferred to the US in violation of GDPR, within six months.

Personal data 59

Personal data GDPR Risk Privacy 59

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security 87

Security Data breaches Ransomware Artificial Intelligence 87

AIIM

MARCH 29, 2022

From the Australian Open offering fans art ball NFTs with real-time match data to JPMorgan Chase’s tiger-friendly lounge in the blockchain-based world Decentraland, metaverse events are exploding into 2022 as powerful new weapons to engage with people. Of course, not every use case will materialize immediately. The Metaverse is Coming.

Blockchain 104

Blockchain Manufacturing Retail Privacy 104

Data Protection Report

JULY 11, 2023

It thereby declared that the United States (the US ) ensures an adequate level of protection for personal data transferred from the EU to US companies that have self-certified their adherence to the DP Framework Principles.

Data Privacy 40

Data Privacy Privacy IT Personal data 40

DLA Piper Privacy Matters

OCTOBER 17, 2022

A recent decision by the Irish Data Protection Commission (“ DPC “) imposing a record €405 million fine provides clarification on the lawfulness of processing children’s personal data in accordance with the legal bases of ‘performance of contract’ and ‘legitimate interest’. Background. Analysis of Article 6(1).

GDPR 97

GDPR Personal data Risk Compliance 97

eSecurity Planet

JULY 27, 2023

. “The macroeconomic headwinds, the interest rate hikes, the persistent inflation as well as the collapse of several tech banks has definitely slowed down the pace of the cybersecurity investments since 2022,” said Umesh Padval, who is a venture partner at Thomvest Ventures. This wound up being the inspiration for PrivacyHawk.

Cybersecurity 98

Cybersecurity Marketing Cloud Artificial Intelligence 98

DLA Piper Privacy Matters

MAY 23, 2022

On 12 May 2022, the European Data Protection Board ( EDPB ) adopted the draft Guidelines on the calculation of administrative fines under the GDPR (“ the Guidelines ”). The Guidelines will open for consultation until 27 June 2022 and a final version of the Guidelines is expected to be officially adopted by the end of 2022.

GDPR 98

GDPR Personal data Risk IT 98

Data Protection Report

JUNE 9, 2022

On 12 May 2022 EDPB adopted Guidelines on the calculation of administrative fines (the Guidelines ). Categories of personal data affected (e.g. Where a subsidiary is directly or indirectly wholly or almost wholly owned by the parent company, the rebuttable presumption is that the parent exercises decisive influence.

GDPR 52

GDPR Compliance Personal data IT 52

Hunton Privacy

SEPTEMBER 16, 2022

On September 15, 2022, California Governor Gavin Newsom signed into law the California Age-Appropriate Design Code Act (the “Act”). The Act, which takes effect July 1, 2024, places new legal obligations on companies with respect to online products and services that are “likely to be accessed by children” under the age of 18.

Privacy 67

Privacy Data Privacy Access Marketing 67

IBM Big Data Hub

JULY 11, 2023

The number of connected things surpassed the number of connected humans for the first time in 2022. Consumer ownership and control over identity and personal data is a key amplifier and enabler of EoT ecosystem value and the unlocking of B2B2C and B2C2B business models and innovation.

IoT 51

IoT Artificial Intelligence Agriculture Blockchain 51

Data Matters

NOVEMBER 4, 2020

Businesses must provide conspicuous links entitled “Limit the Use of My Sensitive Personal Information,” in the same manner Do Not Sell links are currently required, to facilitate consumers’ ability to exercise their rights with respect to sensitive personal information. Extends Employee- and B2B Exemptions for Two Years.

Privacy 120

Privacy B2B Sales Data breaches 120

Privacy and Cybersecurity Law

JUNE 23, 2021

Starting from January 1, 2022 [2] , the Operators included in the NCSP will be required to notify incidents to the Inter-ministerial Committee for the Security of the Republic (“ CSIRT ”). Each type of incident is then assigned an identification code followed by a brief description. Identification of security measures.

Cybersecurity 52

Cybersecurity Communications Data breaches Security 52

Hunton Privacy

MARCH 8, 2024

In this judgment, the CJEU assessed the role of the Interactive Advertising Bureau Europe (“IAB Europe”) in the processing operations associated with its Transparency and Consent Framework (“TCF”) and further developed CJEU case law on the concept of personal data under the EU General Data Protection Regulation (“GDPR”).

Personal data 69

Personal data GDPR Marketing Compliance 69

Hunton Privacy

JANUARY 6, 2022

In its petition, Accountable Tech cites President Biden’s Executive Order encouraging the FTC to use its rulemaking authority to establish rules that regulate “unfair data collection and surveillance practices that may damage competition, consumer autonomy, and consumer privacy.”

Marketing 81

Marketing Personal data Privacy Data collection 81

The Last Watchdog

AUGUST 1, 2023

SMEs, who once considered macOS as the safer option, should exercise caution and prepare themselves for the impacts of this changing threat landscape. This combination of stealth, persistence, data theft, and remote control makes the malware a very potent tool in the hands of malicious actors.

Insurance 189

Insurance Cybersecurity Risk Education 189

Data Protection Report

JANUARY 30, 2023

2022-Ohio-4649 (Ohio Dec. 27, 2022). 21, 2022) (2022 WL 17826875. 22, 2022), 6. b. 1798.135(a).) 3. c. EMOI Servs., Owners Ins. 4. c. Brickman v. United States , — F.4th 4th —- (9 th Cir. 5. c. Williams v. What If Holdings, LLC , No. C-22-03780 WHA (N.D.

Privacy 115

Privacy Cybersecurity Personal data Insurance 115

Hunton Privacy

OCTOBER 14, 2021

This bill becomes effective January 1, 2022. Genetic Data: California Data Breach Notification and Data Security Law Amendment Bill. AB-825 : This bill amends California’s (1) data breach notification law (for both government agencies (Cal. Genetic Data: Genetic Testing Privacy Bill.

Privacy 98

Privacy Insurance Security Data breaches 98

Data Protection Report

DECEMBER 17, 2020

The DGR does not create a right to re-use such data, but provides for a set of harmonized basic conditions under which the re-use of such data may be allowed. The DGR does not create a right to re-use such data, but provides for a set of harmonized basic conditions under which the re-use of such data may be allowed.

Government 102

Government Personal data Marketing Artificial Intelligence 102

Schneier on Security

MARCH 19, 2024

In a 2022 survey , Americans blamed social media for the coarsening of our political discourse, the spread of misinformation, and the increase in partisan polarization. Early demonstrations illustrate how chatbots can be used to surreptitiously extract personal data by asking you mundane questions.

Artificial Intelligence 138

Artificial Intelligence Marketing Risk Government 138