DLA Piper’s Data Protection and Privacy practice delivers topical legal and regulatory updates and analysis from across the globe.
How do companies optimize their digital advertising activities while complying with the CCPA? Assessing a company’s digital advertising activities in order to understand associated data flows, obligations and responsibilities can be complex, in particular where companies rely on a combination of first party and third party data, resources and technologies—including ad agencies and various third […]
Since the European Commission unveiled a proposal for an e-Privacy Regulation in January 2017, this new piece of legislation, aiming to adapt rules on electronic communications and cookies, has undergone many iterations. The European Parliament has left its version untouched since October 2017, and in the meantime the Council of the EU has regularly published […]
It’s summer, and life’s a breach. A data breach, that is. It’s your service provider’s breach, but it involves your (more likely, your customer’s) data. So put down the beach reading, for some breach reading. Service provider cyber incidents have exploded in volume, type, frequency, response time and cost. That makes sense, because the surface attack […]
By Denise Lebeau-Marianna and Tiphaine Caulier The French Data Protection Supervisory Authority (CNIL) has finally decided to replace its recommendations of 2013 which were no more compliant with the GDPR, by new guidelines. This decision is notably motivated by the fact that: – the ePrivacy Regulation is still under discussion at the EU Parliament and […]
The European Data Protection Board (“EDPB”) has published guidelines on the processing of personal data through video devices (the “Guidelines“) (currently subject to a public consultation process). The EDPB acknowledges the ubiquity of video devices in modern life (everything from smartphone cameras to video-enabled doorbells and home security systems), and accepts that many individuals may […]
Today, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA“) issued its first GDPR-fine of EUR 460,000. The fine is imposed on the Dutch Haga Hospital for having an insufficient internal security of patient records. The fact that the first GDPR-fine was imposed on a hospital isn’t a complete surprise, as already in December 2018, […]
Just days after proudly announcing its first fine under the GDPR, the Romanian Data Protection Authority has done it again: World Trade Center Bucharest S.A. must pay 15,000 euro for breaching the provisions of Art. 32 para. (4) GDPR corroborated with Art. 32 paras. (1) and (2) GDPR. What happened: according to the official statement […]
The Information Commissioner’s Office (“ICO“) has published its eagerly awaited guidance on the use of cookies and similar technologies. In it, the UK’s data protection authority has formally recognised the stricter standards of consent and transparency required for cookie usage in the world of the GDPR. Organisations are advised to take prompt action to review […]
