On May 10, 2022, Connecticut Governor Ned Lamont signed An Act Concerning Personal Data Privacy and Online Monitoring, after the law was previously passed by the Connecticut General Assembly in April. Connecticut is now the fifth state to enact a consumer privacy law.
Continue Reading Connecticut Enacts Consumer Privacy Law
Data Controller
Utah Becomes Fourth U.S. State to Enact Consumer Privacy Law
Posted on
Posted in U.S. State Law
On March 24, 2022, Utah became the fourth state in the U.S., following California, Virginia and Colorado, to enact a consumer data privacy law, the Utah Consumer Privacy Act. The law will take effect on December 31, 2023.
Continue Reading Utah Becomes Fourth U.S. State to Enact Consumer Privacy Law
EDPB Adopts Guidelines on Codes of Conduct as Tools for Transfers
Posted on
Posted in European Union, International
On February 22, 2022, the European Data Protection Board adopted its final Guidelines 04/2021 on Codes of Conduct as tools for transfers, following a public consultation that took place in 2021.
Continue Reading EDPB Adopts Guidelines on Codes of Conduct as Tools for Transfers
French CNIL Releases 2022 Enforcement Priorities
Posted on
On February 15, 2022, the French Data Protection Authority published its enforcement priority topics for 2022, which focused on direct marketing, monitoring teleworking employees and cloud computing. …
Continue Reading French CNIL Releases 2022 Enforcement Priorities
CNIL Published Guidelines on Re-Use of Personal Data by Data Processors
Posted on
Posted in European Union, International
The CNIL recently published guidelines on the re-use of personal data by data processors for their own purposes (such as product improvement or development of new products and services) under the GDPR. We have outlined key takeaways from the Guidelines in this blog post.
Continue Reading CNIL Published Guidelines on Re-Use of Personal Data by Data Processors
EDPS Issues Decision on EU Parliament’s Cookie Violations
Posted on
Posted in European Union, International
The European Data Protection Supervisor recently issued a decision against the European Parliament in a case that resulted from a complaint submitted by certain Members of the European Parliament who alleged that the Parliament’s use of cookies violated data protection law, including requirements regarding the transfer of personal data outside of the EU. …
Continue Reading EDPS Issues Decision on EU Parliament’s Cookie Violations
The EDPB Issues Guidelines Clarifying What Constitutes an International Data Transfer Under the GDPR
Posted on
Posted in European Union, International
On November 19, 2021, the European Data Protection Board published its draft Guidelines 05/2021 on the interplay between the application of Article 3 of the GDPR, which sets forth the GDPR’s territorial scope, and the GDPR’s provisions on international data transfers.
Continue Reading The EDPB Issues Guidelines Clarifying What Constitutes an International Data Transfer Under the GDPR
Belgian DPA Expected to Rule that IAB Europe’s Cookie Consent Framework Violates the GDPR
Posted on
On November 5, 2021, IAB Europe announced that, in the coming weeks, the Belgian Data Protection Authority plans to share with other data protection authorities a draft ruling on the IAB EU Transparency & Consent Framework. …
Continue Reading Belgian DPA Expected to Rule that IAB Europe’s Cookie Consent Framework Violates the GDPR
Lloyd Court Says No to Class Action-Style Lawsuits in the UK
Posted on
Posted in Enforcement, International
On November 10, 2021, the UK Supreme Court issued its long-awaited judgment in the Lloyd v Google case. The decision is expected to make it difficult in practice for a future class action lawsuit that is brought on behalf of a class of individuals who have not actively opted in to being represented by the lead claimant to proceed under UK law.
Continue Reading Lloyd Court Says No to Class Action-Style Lawsuits in the UK
DCMS Consults on National Data Strategy
Posted on
On September 10, 2021, the UK Government Department for Digital, Culture, Media & Sport launched a consultation on its proposed reforms to the UK data protection regime to reflect DCMS’s effort to deliver on Mission 2 of the National Data Strategy. The consultation will close on November 19, 2021, and CIPL will consult with members to prepare a formal response to the consultation.
Continue Reading DCMS Consults on National Data Strategy