On June 1, 2019, New Decree No. 2019-536 took force, enabling the French Data Protection Act, as amended by an Ordinance of December 12, 2018, likewise to enter into force. This blog entry provides an overview of the developments.
Continue Reading
Personal Data
CNIL Fines French Real Estate Service Provider for Data Security and Retention Failures
Posted on
On June 6, 2019, the CNIL announced that it levied a fine of 400,000 Euros on SERGIC, a French real estate service provider. This blog entry provides an overview of the case. …
Continue Reading
Thailand’s First Personal Data Protection Law Enters into Effect
Posted on
Posted in Information Security, International
On May 27, 2019, Thailand’s Personal Data Protection Act B.E. 2562 (A.D. 2019) was finally published in the Government Gazette, and thus became effective on May 28, 2019. …
Continue Reading
Age Appropriate Design: ICO Issues Draft Code of Practice for Online Services Used by Children
Posted on
On April 15, 2019, the UK Information Commissioner’s Office issued for public consultation a draft code of practice that, once in effect, will regulate the provision of online services likely to be accessed by children in the UK. This blog entry provides an overview of the draft code. …
Continue Reading
FTC Settles with Two Online Operators for Failing to Secure Customers’ Data
Posted on
On April 24, 2019, the Federal Trade Commission announced two data security cases involving online operators that were alleged to have failed to take reasonable steps to secure consumers’ data, which allowed hackers to breach both websites.…
Continue Reading
Greek DPA Issues EUR 30,000 Fine For Data Protection Violation
Posted on
On April 15, 2019 the Greek Data Protection Authority fined Hellenic Petroleum S.A. EUR 30,000, applying local data protection law predating the GDPR. This blog entry provides an overview of the decision. …
Continue Reading
Washington State Legislators Approve Amendments to Data Breach Law
Posted on
On April 22, 2019, Washington state legislators passed HB 1071, a bill that seeks to strengthen the state’s data breach law. The bill is now before Governor Jay Inslee. This blog entry provides an overview of the bill’s key amendments. …
Continue Reading
Senator Markey Introduces Privacy Bill of Rights Act
Posted on
Posted in Information Security, U.S. Federal Law
On April 12, 2019, Senator Edward J. Markey (MA) introduced the Privacy Bill of Rights Act, comprehensive privacy legislation intended to protect individuals’ “personal information,” defined as “information that directly or indirectly identifies, relates to, describes, is capable of being associated with, or could reasonably be linked to, a particular individual.”…
Continue Reading
CNIL Launches Public Consultation on Draft Standards on HR Data Processing and Whistleblowing Hotlines
Posted on
On April 11, 2019, the French Data Protection Authority launched an online public consultation regarding two new CNIL draft standards concerning the processing of personal data for (1) core HR management purposes and (2) the operation of a whistleblowing hotline.…
Continue Reading
Nigeria Issues New Data Protection Regulation
Posted on
Nigeria’s National Information Technology Development Agency recently issued the Nigeria Data Protection Regulation 2019. This blog entry provides key elements of the Regulation.…
Continue Reading