Search Results for:

States Race After Utah on Minors’ Privacy Despite Legal Threats

The legislative and regulatory landscape concerning minors’ privacy is becoming increasingly protective, adding new complexity and uncertainty for companies as they navigate a patchwork of requirements. The latest legislative trend aims to regulate use of social media by minors and provide parents with greater control over their children’s social media…

Read More

Takeaways from Washington's Sweeping Health Privacy Bill

On April 27, Washington Gov. Jay Inslee signed into law the state’s sweeping health privacy bill – the My Health Data Act.[1] The act, which establishes a comprehensive privacy framework for entities that do business in the state and that handle consumer health data, will take effect less than a…

Read More

French Privacy Regulator Fines Apple 8 Million Euros for Ad Targeting Violations

On December 29, 2022, France’s privacy regulator (CNIL) imposed an €8 million fine on Apple. The CNIL found Apple in breach of France’s ePrivacy rules for not obtaining mobile users’ consent prior to reading and depositing Identifiers for Advertising (IDFAs) on those users’ devices. Apple has announced that it intends…

Read More

States Look to Strengthen Protections for Consumer Health Data Post-Dobbs

The Supreme Court’s ruling in the Dobbs Decision, which overturned Roe v. Wade and Casey v. Planned Parenthood and eliminated the constitutional right to an abortion, permitted states to regulate access to abortion services. Since the Supreme Court issued its opinion on June 24, 2022, privacy, consumer and reproductive health…

Read More

New Swiss Data Protection Law Will Become Effective September 1st, 2023 – What You Need to Know

On September 25, 2020, the Swiss Parliament approved revisions to Switzerland’s data protection law, the Federal Act on Data Protection of June 19, 1992 or FADP (“Revised FADP”). On August 31, 2022, the Swiss Federal Council decided that the Revised FADP will be brought into force on September 1st, 2023…

Read More

New EU Rules for Data Access and Sharing: What You Need to Know

On February 23, 2022, the European Commission published its proposal for a Regulation on Harmonized Rules on Fair Access to and Use of Data (“Data Act”), which focuses on data generated by Internet of Things (“IoT”) devices. The aim of the Data Act are to create a single market for…

Read More

French Data Protection Authority Fined Medical Software Provider for GDPR Violations

On April 21, 2022, France’s data protection authority, the Commission Nationale de l’Informatique et des Libertés (CNIL), announced its decision to fine medical software company Dedalus Biologie €1.5 million following a data breach that exposed health information of nearly 500,000 people. The CNIL noted the company violated several GDPR obligations,…

Read More

EDPB Defines a "Transfer" Under the GDPR

On 18 November 2021 the European Data Protection Board (“EDPB”) released its Guidelines 05/2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR (“Guidelines”) for public consultation.  The Guidelines clarify one of the most vexing issues in…

Read More

EDPB to Provide Clarification on Transfers to Importers Subject to the GDPR: Another New Set of SCCs Seen

The European Data Protection Board (EDPB) recently published minutes of its last plenary meeting held in September 2021, which (in paragraph 2) shed light on how the EDPB may address one of the biggest open issues regarding data transfers from Europe — whether under General Data Protection Regulation (GDPR), Chapter V data…

Read More

Europe Opts for Pragmatism with new SCCs and ICO Opens Consultations on UK SCC — What Companies Need to do Next

The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reigns on how the New SCCs cover data transfers and what companies need to do to take advantage of them and comply with regulatory implementation guidance, including in relation to…

Read More

12