On September 27, 2021, the European Data Protection Board announced that it established a taskforce to coordinate the response to complaints filed with several EU data protection authorities by the non-governmental organization None of Your Business in relation to cookie banners.
Continue Reading EDPB Creates Cookie Banner Taskforce
Cookies
DCMS Consults on National Data Strategy
On September 10, 2021, the UK Government Department for Digital, Culture, Media & Sport launched a consultation on its proposed reforms to the UK data protection regime to reflect DCMS’s effort to deliver on Mission 2 of the National Data Strategy. The consultation will close on November 19, 2021, and CIPL will consult with members to prepare a formal response to the consultation.
Continue Reading DCMS Consults on National Data Strategy
Italian Garante Publishes Updated Guidelines on Cookies and Other Tracking Technologies
Laura Liguori of Portolano Cavallo provides highlights on the Italian Data Protection Authority’s new version of its guidelines for cookies and other tracking mechanisms.
Continue Reading Italian Garante Publishes Updated Guidelines on Cookies and Other Tracking Technologies
FTC Settles Children’s Privacy Case Against Online Coloring Book App, Recolor
On July 1, 2021, the FTC settled a COPPA complaint against Toronto-based operators of the online coloring book app, Recolor.
Continue Reading FTC Settles Children’s Privacy Case Against Online Coloring Book App, Recolor
Google Delays Phase-Out of Third Party Cookies
On June 24, 2021, Google announced that it will delay its plan to replace the use of third-party cookies on its Chrome web browser with new technologies. This delay comes amid antitrust and privacy concerns, as well as scrutiny from the advertising industry that the changes will strengthen Google’s own advertising business.
Continue Reading Google Delays Phase-Out of Third Party Cookies
Norwegian DPA Issues 2.5M EUR Preliminary Fine for U.S. Company Utilizing Web-Tracking IDs
On May 2, 2021, the Norwegian data protection authority, Datatilsynet, notified a U.S. company of its intention to issue a fine of 25 million Norwegian Krone (approximately 2.5 million Euros). The preliminary fine was issued for failure to comply with the General Data Protection Regulation’s accountability, lawfulness and transparency requirements, primarily due to the company’s tracking of website visitors.
Continue Reading Norwegian DPA Issues 2.5M EUR Preliminary Fine for U.S. Company Utilizing Web-Tracking IDs
EU Member States Agree on Council’s Text for the ePrivacy Regulation
On February 10, 2021, representatives of the EU Member States reached an agreement on the Council of the European Union’s negotiating mandate for the draft ePrivacy Regulation, which will replace the current ePrivacy Directive. The text approved by the EU Member States was prepared under Portugal’s Presidency and will form the basis of the Council’s negotiations with the European Parliament on the final terms of the ePrivacy Regulation.
Continue Reading EU Member States Agree on Council’s Text for the ePrivacy Regulation
CNIL Calls Organizations to Audit their Sites and Apps for Cookie Compliance
On February 4, 2021, the French Data Protection Authority announced that it sent letters and emails to approximately 300 organizations, both private and public, to remind them of the new cookie law rules and the need to audit their sites and apps to comply with those rules by March 31, 2021. …
Continue Reading CNIL Calls Organizations to Audit their Sites and Apps for Cookie Compliance
UK Case Tests the Territorial Application of the GDPR to U.S. Run Website
The recent UK case of Soriano v Forensic News and Others tested the territorial reach of the General Data Protection Regulation and represents the first UK judgment dealing with the territorial scope of the GDPR. This was a “service out” case, where the claimant, Walter T. Soriano, sought the Court’s permission under the UK Civil Procedure Rules to serve proceedings on the defendants, who were all domiciled in the U.S.
Continue Reading UK Case Tests the Territorial Application of the GDPR to U.S. Run Website
Advocate General Issues Opinion on GDPR’s One-Stop-Shop
On January 13, 2021, Advocate General Michal Bobek of the Court of Justice of the European Union issued his Opinion in the Case C-645/19 of Facebook Ireland Limited, Facebook Inc., Facebook Belgium BVBA v. the Belgian Data Protection Authority.
Continue Reading Advocate General Issues Opinion on GDPR’s One-Stop-Shop