On July 6, 2018, the UK Data Protection Authority, the Information Commissioner Officer (ICO), served what looks like the first enforcement notice regarding the processing of UK individuals’ personal data by a nonresident organization. The notice was directed to Aggregate IQ (AIQ), a digital advertising, web and software development company based in Canada. […]
On June 5, 2018, the European Court of Justice (CJEU), issued its preliminary ruling in C‑210/16, opining on the definition of data controller, applicable national law, and jurisdiction under EU data protection law according to Directive 95/46/EC. According to the CJEU’s judgement, EU companies that have been advertising through Facebook can be considered data […]
On October 24, 2017, Advocate General Bot issued his preliminary opinion in case C‑210/16, opining on the definition of a data controller, applicable national law, and jurisdiction under EU data protection law under Directive 95/46/EC. The opinion is not binding but if followed by the European Court of Justice (CJEU), EU companies that have been […]
The National Conference of State Legislatures collected all state laws regulating unsolicited electronic mail advertising. You can find it at this web page For more information on commercial or fraudulent electronic mail, Francesca Giannoni-Crystal Follow us on& Like us on
On May 16, 2017, the French, Belgian and Dutch members of the Data Protection Contact Group published the results of their investigations after WhatsApp issued its new privacy policy in August 2015, after joining Facebook. See here. The DPAs all over the world watched the changes closely and several EU authorities initiated national investigations to verify, […]
On March 28, 2017, the US House of Representatives approved 215 to 205 a joint resolution to repeal the order “Protecting the Privacy of Customers of Broadband and Other Telecommunications Services” (“Order”) published on November 2016. See here. The joint resolution (S.J.RES34) passed by the US Senate and the House of Representatives disapproves the Order submitted […]
Tags: DATA PROTECTION, US PRIVACY
When a US organization decides to self-certify under the EU-U.S. Privacy Shield, compliance with Privacy Shield principles becomes compulsory. This may be a problem for many US organizations because certain processing activities that they perform – which are perfectly lawful under American law — are unlawful under a Privacy Shield’s perspective. Why? And what to do? Let’s step […]
On December 21, 2016, Oracle asked the Federal Communications Commission (FCC) to reconsider its decision and order “Protecting the Privacy of Customers of Broadband and Other Telecommunications Services” (“Order”) published on November 2016. See here. At the beginning of 2017, several Internet Service Providers (ISPs) and cable associations filed Petitions for Reconsideration requesting the FCC to significantly […]
Tags: DATA PROTECTION, US PRIVACY
When a US organization decides to self-certify under the EU-U.S. Privacy Shield, compliance with Privacy Shield principles becomes compulsory. This may be a problem for many US organizations because certain processing activities that they perform – which are perfectly lawful under American law — are unlawful under a Privacy Shield’s perspective. Why? And what to do? Let’s step […]
Cookie regulation in Europe is quite strict. In a previous blog we discussed the cookie law of France, Germany, Italy and the UK, focusing on information to users, user consent and consequences of violations. However, cookies are not the only method to track users. There are cookie-free tracking methods that are similarly invasive, for example […]