While data protection or privacy impact assessments may be familiar to businesses that process personal information of individuals from certain countries outside the U.S. — e.g., those in Europe — until recently, consumer privacy laws applicable to businesses in the U.S. have not mandated PIAs. PIAs help businesses identify risks that…
Data privacy case law and legislation is constantly updated in the United Kingdom and European Union to address key issues. In order to track the latest developments, we have set out a brief overview of case law updates, legislation, guidance and news. Case Law Updates and Fines On 15 June,…
Data privacy case law and legislation is constantly updated in the United Kingdom and European Union to address key issues. In order to track the latest developments, we have set out a brief overview of case law updates, legislation, guidance and news. Case Law Updates and Fines On April 13,…
On 22 May 2023, the Irish Data Protection Commission (“DPC”) fined Facebook parent Meta EUR 1.2 billion for transferring personal data to the U.S. in violation of GDPR. The DPC also ordered Meta to suspend further transfers unless it can bring such transfers into compliance within 5 months. Meta is…
Data privacy case law and legislation is constantly updated in the United Kingdom and European Union to address key issues. In order to track the latest developments, we have set out a brief overview of case law updates, legislation, guidance and news. Case Law Updates and Fines On 19 May,…
Data privacy case law and legislation is constantly updated in the United Kingdom and European Union to address key issues. In order to track the latest developments, we have set out a brief overview of case law updates, legislation, guidance and news. Case Law Updates and Fines On May 22,…
Data privacy case law and legislation is constantly updated in the United Kingdom and European Union to address key issues. In order to track the latest developments, we have set out a brief overview of case law updates, legislation, guidance and news. Case Law Updates and…
On April 27, Washington Governor Jay Inslee signed into law the state’s expansive health privacy law, the My Health My Data Act. Effective March 31, 2024, the MHMDA establishes a comprehensive privacy framework for entities doing business in Washington state that handle consumer health data. Reflecting a trend by lawmakers to…
Data privacy case law and legislation is constantly updated in the United Kingdom and European Union to address key issues. In order to track the latest developments, we have set out a brief overview of case law updates, legislation, guidance and news. Case Law Updates and…
On April 26, 2023, the General Court of the European Union issued a ruling in Case T-557/20, SRB v EDPS, finding that pseudonymized data shared by one party with another will not be considered personal data in the hands of the recipient, if the recipient does not have legal means…