Following privacy and data protection legislation through the process, into law, and into future court interpretations.
Global News Roundup — April 9–16, 2018
Global News Roundup — April 2–9, 2018
The Cayman government has published draft regulations in preparation for the implementation of its Data Protection Law. Slovenia’s government adopted an EU General Data Protection Regulation implementation proposal, giving more power to the information commissioner but drawing criticism from her for...
The Polish DPA’s draft list of triggers for mandatory DPIAs
2
In line with the Article 35(4) of the GDPR, the Polish Data Protection Authority prepared and published a draft list of the kind of processing operations subject to mandatory data protection impact assessment.
According to the authority statements, the list is based on more than twenty years of exp...
UK: Vicarious liability on company for deliberate data breach by employee
1
In the case of Various Claimants v. Wm Morrison from December 2017, the High Court of England and Wales has held a company liable for a deliberate and massive data breach carried out by an employee, though the company itself was blameless, in line with the doctrine of vicarious liability (under whic...
Global News Roundup — March 19–April 2, 2018
1
In this week’s Privacy Tracker legislative roundup, read about a document from the Hong Kong Legislative Council’s panel on information technology and broadcasting empowering the privacy commissioner to enforce the country’s do-not-call registry. The U.K. and the EU have come to an agreement on a Br...
What the CLOUD Act means for privacy pros
3
Readers brave enough to get to page 2201 the United States’ latest omnibus spending bill will find the newly enacted Clarifying Lawful Overseas Use of Data Act. This blog post first explains how the CLOUD Act resolves the Supreme Court case between Microsoft and the U.S. Department of Justice regard...
Reining in the FCC: DC Circuit overturns some (not all) of 2015 TCPA order
Last Friday, the D.C. Circuit issued a long-awaited TCPA decision, paving the way for organizations to obtain relief from what some argued were onerous aspects of the U.S. Federal Communications Commission’s 2015 order updating the way the law should be interpreted — although not immediately.
For t...
Global News Roundup — March 12–19, 2018
In this week’s Privacy Tracker legislative roundup, read about a proposal in China to add eye recognition to the country’s national ID program, while India has delayed linking Aadhaar numbers to government-sponsored programs. The U.K. has approved Guernsey’s new data protection law. And in the U.S.,...
Global News Roundup — March 5–12, 2018
Singapore has joined the Asia-Pacific Economic Cooperation's Cross-Border Privacy Rules system. Canada’s Standing Committee on Access to Information, Privacy and Ethics released its report reviewing the Personal Information Protection and Electronic Documents Act, finding the law needs to be updated...
Brussels court: Facebook must play by the Belgian privacy and cookie rules
In a judgement of Feb. 16, the Court of First Instance of Brussels has convicted Facebook for non-compliance with the Belgian privacy and cookie rules. The Court ordered Facebook to cease its current cookie use practices under forfeiture of an incremental penalty of 250.000 EUR per calendar day of n...
Recent Comments