Data Protection Authority

On February 2, 2022, the Litigation Chamber of the Belgian Data Protection Authority imposed a 250,000 Euro fine against the Interactive Advertising Bureau Europe for several alleged infringements of the GDPR, following an investigation into IAB Europe’s Transparency and Consent Framework.
Continue Reading Belgian DPA Finds IAB Europe Transparency and Consent Framework in Violation of the GDPR

The Austrian data protection authority recently published a decision finding that the use of Google Analytics cookies violates both Chapter V of the GDPR, which establishes the rules on international data transfers, and the Schrems II judgment of the Court of Justice of the European Union.
Continue Reading Austrian DPA Finds Data Transfers Resulting from Analytics Cookie Use to Be in Violation of GDPR Data Transfer Requirements

The CNIL recently published guidelines on the re-use of personal data by data processors for their own purposes (such as product improvement or development of new products and services) under the GDPR. We have outlined key takeaways from the Guidelines in this blog post.
Continue Reading CNIL Published Guidelines on Re-Use of Personal Data by Data Processors

In December, the Indian Joint Parliamentary Committee submitted its report on India’s draft Data Protection Bill. The Bill is now likely to be passed by Parliament in its next session, beginning in February 2022, and likely will enter into force in the first half of 2022. This blog entry examines certain key aspects of the revised Bill.
Continue Reading India’s Draft Data Protection Bill Moves Closer to Passage

The Centre for Information Policy Leadership at Hunton Andrews Kurth recently published a white paper on “Bridging the DMA and the GDPR – Comments by the Centre for Information Policy Leadership on the Data Protection Implications of the Draft Digital Markets Act.” This blog entry provides highlights on the paper.
Continue Reading CIPL Publishes White Paper on the Interplay Between the Draft EU Digital Markets Act and the GDPR