On May 10, 2023, the Texas Senate passed H.B. 4, also known as the Texas Data Privacy and Security Act.
Continue Reading Texas Senate Passes Texas Data Privacy and Security Act
Data Processor
Montana and Tennessee Could Become Eighth and Ninth States to Enact Comprehensive Consumer Privacy Bills
On April 21, 2023, the Montana and Tennessee legislatures voted to enact comprehensive consumer privacy bills in their respective states. If signed by their governors, Montana’s Consumer Data Privacy Act (S.B. 384) and Tennessee’s Information Protection Act (H.B. 1181) could make these states the eighth and ninth U.S. states to enact comprehensive privacy legislation. …
Continue Reading Montana and Tennessee Could Become Eighth and Ninth States to Enact Comprehensive Consumer Privacy Bills
CNIL issues €125,000 Fine Against E-Scooter Rental Company
On March 28, 2023, the French Data Protection Authority announced a €125,000 fine on the e-scooter rental company Cityscoot for breaching EU and French data protection rules, in particular in the context of geolocation and use of Google reCAPTCHA. …
Continue Reading CNIL issues €125,000 Fine Against E-Scooter Rental Company
CJEU Clarifies Rules on Conflict of Interest in Relation to DPO Role
On February 9, 2023, the Court of Justice of the European Union issued a judgment in the X-FAB Dresden case. …
Continue Reading CJEU Clarifies Rules on Conflict of Interest in Relation to DPO Role
CIPL Responds to EDPB’s Calls for Public Comments on Recommendations for Controller Binding Corporate Rules
On January 10, 2023, the Centre for Information Policy Leadership at Hunton Andrews Kurth responded to a call for public comments from the European Data Protection Board regarding their Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules (Art. 47 GDPR). …
Continue Reading CIPL Responds to EDPB’s Calls for Public Comments on Recommendations for Controller Binding Corporate Rules
Irish Data Protection Commission Fines Meta €265 Million for Privacy Violations
On November 25, 2022, Ireland’s Data Protection Commission released a decision fining Meta Platforms, Inc. €265 million for a 2019 data leak involving the personal information of approximately 533 million Facebook users worldwide.
Continue Reading Irish Data Protection Commission Fines Meta €265 Million for Privacy Violations
India Releases Fourth Draft of Data Protection Bill
Kochhar & Co. reports that, on November 18, 2022, the Government of India released the long-awaited fourth draft of India’s proposed privacy law, now renamed the Digital Personal Data Protection Bill. …
Continue Reading India Releases Fourth Draft of Data Protection Bill
EDPB Publishes Guidelines on the Calculation of Administrative Fines Under the GDPR
The European Data Protection Board recently adopted Guidelines 04/2022 on the calculation of administrative fines under the GDPR. This blog entry provides a summary of the Guidelines. …
Continue Reading EDPB Publishes Guidelines on the Calculation of Administrative Fines Under the GDPR
Thailand’s Personal Data Protection Act Enters into Force
On June 1, 2022, Thailand’s Personal Data Protection Act entered into force after three years of delays.
Continue Reading Thailand’s Personal Data Protection Act Enters into Force
CPPA Holding Public Pre-Rulemaking Meetings on the CPRA on March 29 and March 30
On March 29 and 30, 2022, the California Privacy Protection Agency will hold public pre-rulemaking informational sessions regarding the California Privacy Rights Act via video conference.
Continue Reading CPPA Holding Public Pre-Rulemaking Meetings on the CPRA on March 29 and March 30