Search Results: Data Privacy in Transactions and Agreements

CNIL Sets Parameters for Processors' Reuse of Data for Product Improvement

On January 12, 2022, the French data protection authority, Commission nationale de l’informatique et des libertés, issued guidance on the reuse of personal data by processors for their own purposes under the EU General Data Protection Regulation. The guidance addresses one of the most common — and hotly contested — aspects of…

Read More

Israel's Privacy Regulator Relaxes Onward Transfers Restriction

In a draft opinion published today, the Israeli Privacy Protection Authority (IPPA) relaxed one of the most stringent requirements under Israel’s data protection law, which for years cast doubts over the legality of any onward transfer in case of a data transfer from Israel. The opinion states that onward transfers…

Read More

SEC Seeks Input on BD and RIA Digital Engagement Practices

Authored by: Nicholas Losurdo and Christopher Grobbel The SEC recently solicited public comment on digital engagement practices (DEPs) used by some broker-dealers and investment advisers, including predictive data analytics, differential marketing, and behavioral prompts (such as gamification).  The public comment window closes October 1, 2021.  Comments letters submitted already are available here—viewpoints run…

Read More

EDPB to Provide Clarification on Transfers to Importers Subject to the GDPR: Another New Set of SCCs Seen

The European Data Protection Board (EDPB) recently published minutes of its last plenary meeting held in September 2021, which (in paragraph 2) shed light on how the EDPB may address one of the biggest open issues regarding data transfers from Europe — whether under General Data Protection Regulation (GDPR), Chapter V data…

Read More

Europe Opts for Pragmatism with new SCCs and ICO Opens Consultations on UK SCC — What Companies Need to do Next

The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reigns on how the New SCCs cover data transfers and what companies need to do to take advantage of them and comply with regulatory implementation guidance, including in relation to…

Read More

Companies Can Protect Proprietary Data When Responding to CCPA Privacy Requests

Since its passage almost three years ago, the California Consumer Privacy Act (“CCPA”) has offered California-based consumers certain rights over the personal information companies collect and process about them. While responding to any request to exercise CCPA rights creates its own set of challenges, one right in particular – the right to…

Read More

What To Expect From NYC’s Tenant Data Privacy Act

New York City tenants harboring “big brother” concerns over landlords abusing data collected through smart access (i.e., keyless entry) systems will soon be able to rest easier. Following California, Virginia, and the British Virgin Islands, the New York City Council recently became the latest legislative body to pass privacy legislation with the Tenant Data…

Read More

Setting A New Standard: Data Privacy and Corporate Social Responsibility

Corporate Social Responsibility (“CSR”) and Environmental, Social, and Governance (“ESG”) practices have increasingly become priorities for many organizations as they assess their obligations to their employees, customers, and the broader community. As companies work towards meeting these CSR and ESG objectives, one focus area is data rights and data privacy. Data…

Read More

Late Breach Notice In Europe Leads To Nearly €500k Fine

On 31 March 2021 the Dutch Data Protection Authority (DPA) announced that it fined the online reservation platform Booking.com €475,000 for failing to notify the DPA of a data breach within the timeline established in the GDPR. The decision signals European regulators’ growing scrutiny of how companies exercise discretion in incident response decisions….

Read More

12