This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
Sara Agate, MPH (@sara_agate) March 2, 2019. The following comprises our audio coverage of ABA TECHSHOW 2019 and a list of those who participated. Laurence Colletti (@LaurenceEsq) February 27, 2019. ABA TECHSHOW 2019: Keynote Address. ABA TECHSHOW 2019: Tech Books For Lawyers. But so what?
Every day, more and more companies face the problem of personal dataprotection. As companies are increasingly scrutinised for proper dataprotection, it’s worth paying close attention to the latest best practices to avoid dealing with the potential negative consequences of a data breach.
million for vendor oversight failings, unlawful cross-border transfers What happened : The AEPD, the Spanish dataprotection authority (“DPA”), fined Vodafone Spain €8.15 4 million was for allegedly deficient oversight of Vodafone’s data processors. Here are our highlights of what you need to know.
million fine against Austrian Post for channelling electronic dataprotection-related inquiries to a web form and not offering an additional email address, irrespective of the data subject option to also use non-electronic postal mail or customer service.
The big news this November was the European DataProtection Board (the “EDPB”) issuing its highly anticipated post- Schrems II data transfer guidance, followed just a day later by the European Commission’s draft updated Standard Contractual Clauses (“SCCs”) (see our blog post here ). Bonn Regional Court slashes Telco’s €9.55
UK DPA launches data transfer consultation What happened : The ICO launched a consultation covering its international data transfer guidance, draft transfer risk assessment tool (“TRA”) and draft international data transfer agreement (“ IDTA ”). These developments, and more, covered below.
In this post, we look back at the 2020 European dataprotection landscape and five trends that help companies understand not only where we are, but where dataprotection enforcement, litigation, and practice may be headed. million against Marriott for its 2018 data breach When you dig deeper though, two key points emerge.
Our top five European dataprotection developments from June are: Non-material damage under GDPR: The CJEU clarified the scope of compensation for non-material damage in the context of identity theft and data subjects’ fear that their personal data had been exposed. These developments, and more, are covered below.
In March 2023, Meta Platforms lost a class action lawsuit against the Dutch Data Privacy Stichting in an Amsterdam court, acting in conjunction with the Consumentenbond, the Dutch Consumers’ Association. Thus, investigating the issue of processing sensitive data for advertising purposes, the court determined in paragraph 13.14
This judgment arose from a 2019 cyberattack against the Bulgarian National Revenue Agency which resulted in a threat actor publishing more than 6 million people’s personal data on the internet. The rulings arose at the request of both the German and Lithuanian courts, following local administrative fines.
We also saw developments in the courts on when companies will be liable to pay individuals damages for GDPR violations and the German anti-trust regulator using its new enforcement powers. This follows a February 2021 reference by the German courts to the CJEU on whether the GDPR imposes a materiality threshold for damages claims.
. : Business may want to revisit their cross-border data transfer arrangements following the new adequacy decision for the EU-U.S. Data Privacy Framework, assess whether they are eligible to self-certify and, if they are, whether it makes sense to. Data Privacy Framework (the “DPF”). Data Privacy Framework (the “DPF”).
Companies must also foot the bill for consumer data requests authorized under privacy regulations unless the request is “excessive.” 23, 2015) the court observed that responding parties presumptively bear the expense of complying with discovery requests unless the expense is “significant.” 11 cv 4071 (N.D.
HealthCareInfoSecurity.com reported that “A user of the now-shuttered BreachForums in April 2021 posted a data set of 533 million Facebook profiles, including mobile numbers, email addresses and names scraped from the site in 2018 and 2019.” Facebook reported revenue of $23 billion in 2022 and $39 billion in 2021.
The DSA will require much agency and court interpretation to give legal certainty to intermediaries and the recipients of their services. The DSA promises to change the internet inside the EU, and likely create spillover effects outside the EU. As the GDPR has shown, such spillover can result in U.S.
With cybersecurity becoming a board-level issue, compliance officers, lawyers, board members, and business drivers are looking for official guidance or recommendations on cybersecurity measures to protect business, customers, and the wider economy. Whose guidance to use? mln and Euro 20.45
Businesses operating in France should take these new blockbuster fines as another reminder of the importance of dataprotection frameworks and policies. In 2019 and 2020, the CNIL’s inspectors performed online checks of google.fr Background. and amazon.fr
Overview In a much anticipated decision, the UK Supreme Court has unanimously decided that a mass claim brought against Google by Mr Richard Lloyd, on behalf of a class that could include as many as 4.4 million iPhone users (the “iPhone Users”), cannot proceed, as currently constituted, as a ‘representative action’ in the English courts.
In 2019, the ED used this power to cease three chimpanzees and four marmosets as ‘proceeds of crime’. Fast forward to the last month, the Delhi High Court used the long arm of the PMLA to classify PayPal as a ‘reporting entity’ under the PMLA. The Court rejected this premise. The data law is nearly here! Google them.
This is because the obligations and prohibitions imposed on gatekeepers will either directly or indirectly vest other groups with rights they can pursue before national courts. 2(1)–(2) of the Digital Content Directive (2019/770)). DMA recital 12). 7) Providers of digital content or digital services (as defined in Art. 5, 6 and 7 DMA.
The TDPA provides for a private right of action for violation of the prohibition to sell, lease, or disclose data. Compensatory damages or damages between $200 and $1,000 are authorized for each unlawful sale, as are reasonable attorneys’ fees and court costs. 2019 IL 123186, 129 N.E.3d See Vance v. Amazon.com Inc. ,
Notably, the post that captured the most eyes was about New York becoming the first state to mandate CLE in cybersecurity, privacy and dataprotection. The second most popular post was a test of the BriefCatch legal editing software using the leaked draft of the Supreme Court’s opinion in Dobbs v.
Under this requirement, businesses need to establish time limits for data deletion and to institute a periodic review of the necessity for continued data retention. The UK DataProtection Act of 2018 has a similar provision. 2019 WL 118412 (D. 7, 2019) (denying Quick Fitting, Inc.’s 2019 WL 3290346 (D.
In particular: in what circumstances, if any, would regulators or courts find that a flawed machine learning or AI model must be scrapped entirely? According to the settlement, between July 2018 and April 2019, Everalbum represented to users that it would not apply facial recognition to users’ content unless a user affirmatively opted in.
And second, even if the model can be completely cleansed of the tainted data, should the appropriate remedy for the data violation include destruction of the model? International & Kurbo On March 3, 2022, the FTC reached a court-approved settlement with Kurbo, Inc. This is an important course correction.”
National courts will have to determine whether a feeling of displeasure meets the threshold of non-material damage. What to do : Keep an eye out for the final decision by the court. Advocate General opinions are influential but not binding.
As a general rule, however, the FTC’s Division of Privacy and Identity Protection (the “DPIP”) initiates privacy and cybersecurity investigations via civil investigative demands (“CIDs”). A CID is a type of Commissioner-authorized subpoena, enforceable in court, that subjects the recipient to a number of formalized processes and timelines.
The court says this isn’t a dispositive issue because “Judge Coogler would have come to the conclusion that Defendants were content providers and thus not entitled to immunity under Section 230 even if he had not considered Anderson.” I disagree strongly with this court’s assessment. TikTok ruling. Reddit, Inc.
Alleged violators may seek additional judicial review in federal district court. companies, universities, institutions and individuals should consider taking the following steps: Understanding Data Flows: Compliance may be challenging unless U.S. Engaging in data-mapping exercises may alleviate this burden.
We organize all of the trending information in your field so you don't have to. Join 5,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content