On June 20, 2019, the UK Data Protection Authority, the Information Commissioner Officer (ICO), published an update report into adtech and real time bidding. The ICO is waiting for the adtech sector response to the report and will then undertake a “further industry review in six months’ time”. The report focuses on Real-Time Bidding (RTB). […]
On July 16, 2019, the UK Data Protection Authority, the Information Commissioner Officer (ICO), opened a consultation on a data sharing code of practice. The consultation closes on September 9, 2019. The data sharing code is a practical guide for controllers sharing personal data. It gives guidance on the applicable law and provides good […]
On July 4, 2019, the Commission Nationale de l’informatique et des Libertés (CNIL), the French Data Protection Authority (DPA) adopted new guidelines on cookies and other tracking devices (“Guidelines”). According to the press release, the scrolling down or swiping through a website or application is no longer viewed as a valid expression of consent to the […]
On July 17, 2019, the European Data Protection Supervisor (EDPS) adopted and published a list of the types of processing operations that require a data protection impact assessment (DPIA) under Article 39 of Regulation (EU) 2018/1725 for the EU institution. The EDPS also adopted a list of those processing that at first sight do not […]
On July 9, 2019, the Court of Justice of the European Union heard oral arguments on a landmark case concerning Facebook’s transfer of personal data from the EU to the US on the basis of the currently utilized “standard contractual clauses” (SCCs) mechanism. See here for more info. The oral hearing took place in front […]
On February 14, 2019, the United States District Court for the Northern District of California ordered a United Kingdom citizen, party to a U.S. litigation, to produce in unredacted form e-mails containing personal information that could be protected under the GDPR. By way of background. In this patent infringement suit, Plaintiff owned patents involving computer […]
On July 10, 2019, the European Data Protection Board (EDPB) adopted Guidelines 3/2019 on processing of personal data through video devices. Objective of the guidelines is to provide guidance on how to apply the General Data Protection Regulation, GDPR, in relation to the processing of personal data through video devices. The Guidelines provide several […]
On July 3, 2019, the UK Data Protection Authority, the Information Commissioner Officer (ICO), published a new guidance on the use of cookies. The guidance explains what cookies and similar technologies are, the applicable rules, and how they relate to the General Data Protection Regulation (GDPR) as well as how to comply with the cookie rules. […]
On May 30, 2019, Oregon Governor signed HB 2395 containing security measures required for devices that connect to the Internet and that are assigned an Internet Protocol address or another number that identifies the connected device. The manufacturer shall equip the connected device with “reasonable security features”, which may consist of means for authentication from […]
UPDATE ICO was requested the status of this proposed penalties on Nov 12, 2019. ICO issued a response ICO Disclosure Log – Response ENQ0889841: “[Marriott] made representations to the Information Commissioner regarding these notices in accordance with Schedule 16, paragraph 3(3) of the Data Protection Act 2018. The Information Commissioner is considering those representations in deciding […]