GDPR

This week, House Committee on Energy and Commerce Chair Cathy McMorris Rodgers (R-WA) and Senate Committee on Commerce, Science and Transportation Chair Maria Cantwell (D-WA) unveiled their bipartisan, bicameral discussion draft of the American Privacy Rights Act (APRA draft).[1] Chair Rodgers’ and Chair Cantwell’s announcement of the APRA draft surprised many congressional observers after comprehensive privacy legislation stalled in 2022.Continue Reading April’s APRA: Could Draft Privacy Legislation Blossom into Law in 2024?

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Never Beyond the Law – the Spanish AEPD’s Position on the Processing of Whistleblower Data | Privacy World

Singapore to

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Biden Budget Proposal Advances AI Priorities | Privacy World

US Regulators Lift the Curtain on Data Practices With Assessment, Reporting

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

In Narrow Vote California Moves Next Generation Privacy Regs Forward | Privacy World

EDPB Versus Ireland? Does the Opinion on

On February 13, 2024, the European Data Protection Board (EDPB) released its opinion on the notion of the main establishment of a controller in the EU under article 4(16)(a) GDPR and the criteria for the application of the “one-stop shop” mechanism, in particular, regarding the notion of a controller’s “place of central administration” (PoCA) in

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Connecticut Attorney General Report: CTDPA Enforcement Insights & Takeaways | Privacy World

California Attorney General Announces Industry Investigative Sweep into

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

2023 Cybersecurity Year In Review | Privacy World

FTC Consumer Protection and Data Protection Insights for 2024 | Privacy World

Transparency, from the medieval Latin “transparentia”, is thought to have emerged in the late 16th century as a general term for a transparent object. In essence, it means the property of allowing light to pass through so that objects behind it can be clearly seen. But in the 21st century, transparency has a different and broader meaning.

The Spanish Data Protection Agency (Agencia Española Protección de Datos, or AEPD) published an article in September 2023 on transparency in the context of the proposed Artificial Intelligence Act (AI Act) and the General Data Protection Regulation (GDPR), clarifying that different actors, different information and different recipients are involved, depending on the regulation.Continue Reading AEPD’s Position Regarding Transparency (AIA vs. GDPR)

On January 15, 2024, the European Commission (EC) published its report on 11 adequacy decisions made under the Data Protection Directive. This is the first review of its kind in GDPR times for adequacy decisions that were living their own existence, with not many troubles (leaving the US one aside). A periodic checkup is foreseen in the most recent adequacy decisions (and Japan last review was published in April 2023), but not much was done for the other ones; this is now remedied.Continue Reading Adequate One Day Keeps Personal Data Transfer Problems (Forever) Away? Let’s See What the EU Doctor Just Said

The Spanish Data Protection Authority (AEPD) has issued a set of guidelines on the use of biometric systems for access and employee attendance control defining the criteria for using these systems (and the measures to be considered in the context of these processing activities) in compliance with the General Data Protection Regulation (GDPR).Continue Reading The Spanish DPA’s Restrictive Approach to Processing Biometric Data for Access and Attendance Control