On April 15, 2019, the UK Information Commissioner’s Office issued for public consultation a draft code of practice that, once in effect, will regulate the provision of online services likely to be accessed by children in the UK. This blog entry provides an overview of the draft code.
Continue Reading
Personal Data
FTC Settles with Two Online Operators for Failing to Secure Customers’ Data
Posted on
On April 24, 2019, the Federal Trade Commission announced two data security cases involving online operators that were alleged to have failed to take reasonable steps to secure consumers’ data, which allowed hackers to breach both websites.…
Continue Reading
Greek DPA Issues EUR 30,000 Fine For Data Protection Violation
Posted on
On April 15, 2019 the Greek Data Protection Authority fined Hellenic Petroleum S.A. EUR 30,000, applying local data protection law predating the GDPR. This blog entry provides an overview of the decision. …
Continue Reading
Washington State Legislators Approve Amendments to Data Breach Law
Posted on
On April 22, 2019, Washington state legislators passed HB 1071, a bill that seeks to strengthen the state’s data breach law. The bill is now before Governor Jay Inslee. This blog entry provides an overview of the bill’s key amendments. …
Continue Reading
Senator Markey Introduces Privacy Bill of Rights Act
Posted on
Posted in Information Security, U.S. Federal Law
On April 12, 2019, Senator Edward J. Markey (MA) introduced the Privacy Bill of Rights Act, comprehensive privacy legislation intended to protect individuals’ “personal information,” defined as “information that directly or indirectly identifies, relates to, describes, is capable of being associated with, or could reasonably be linked to, a particular individual.”…
Continue Reading
CNIL Launches Public Consultation on Draft Standards on HR Data Processing and Whistleblowing Hotlines
Posted on
On April 11, 2019, the French Data Protection Authority launched an online public consultation regarding two new CNIL draft standards concerning the processing of personal data for (1) core HR management purposes and (2) the operation of a whistleblowing hotline.…
Continue Reading
Nigeria Issues New Data Protection Regulation
Posted on
Nigeria’s National Information Technology Development Agency recently issued the Nigeria Data Protection Regulation 2019. This blog entry provides key elements of the Regulation.…
Continue Reading
Utah Governor Signs Electronic Data Privacy Bill Requiring Warrants to Access Certain Types of Data
Posted on
Posted in Online Privacy, U.S. State Law
On March 27, 2019, Utah Governor Gary Herbert signed HB57, the first U.S. law to protect electronic information that individuals have shared with certain third parties.…
Continue Reading
Thailand’s National Legislative Assembly Passes Data Protection Law
Posted on
Posted in Information Security, International
On February 28, 2019, Thailand’s National Legislative Assembly finally approved and endorsed the draft Personal Data Protection Act, which will now be submitted for royal endorsement and subsequent publication in the Government Gazette. Publication is anticipated to occur within the next few weeks.…
Continue Reading
Advocate General Finds Search Engine Operators May Limit the Scope of Right to Be Forgotten to the EU
Posted on
Posted in European Union, International
On January 10, 2019, Advocate General Szpunar of the Court of Justice of the European Union issued an Opinion in the case of Google v. CNIL, which is currently pending before the CJEU. In its Opinion, the Advocate General provided his views concerning the territorial scope of the right to be forgotten under the EU Data Protection Directive.…
Continue Reading