One-stop shop for CCPA information, resources

(Jan 24, 2020) While preparations for the California Consumer Privacy Act seemed like a heavy lift for privacy pros, the work doesn't get any easier with the law now in effect. The IAPP Resource Center can help alleviate compliance concerns. The Resource Center carries a whole section dedicated to CCPA content and tools that will help ease the burden on those working to comply with the law. Featured resources available include background information, official documents, analysis pieces and compliance aids.Full... Read More

OIPC considering investigation into ID scanners at liquor stores

(Jan 24, 2020) The Office of the Information and Privacy Commissioner of Alberta is considering an investigation into a plan to install ID scanners in Edmonton liquor stores, the Edmonton Journal reports. Liquor retailer Alcanna plans to install ID scanners at some of its locations. OIPC Communications Manager Scott Sibbald said in an emailed statement the agency only learned of the plan through news reports. “We have at no point been consulted on this pilot project announced by Alcanna and PatronScan,” Sibbal... Read More

Irish DPC discusses data protection in political campaigns

(Jan 23, 2020) In a blog post on its website, the Irish Data Protection Commission addressed the need to maintain strong data protection during upcoming political campaigns. The DPC urged political groups to remember their obligations as data controllers under the EU General Data Protection Regulation and respect the privacy rights of individuals. "With the consent of the individual, they may send electronic direct communications and collect information directly from the individual," the DPC wrote. "Personal d... Read More

Bavarian DPA appoints new president

(Jan 23, 2020) Bavarian State Office for Data Protection Supervision announced Michael Will has been appointed its new president. Will takes over for former BayLDA President Thomas Kranig after serving as the head of data protection for the Bavarian State Ministry of the Interior. Will also has a background as a data protection officer in the Bavarian Ministry and was a member of the data protection commission of the Bavarian State Parliament. (Original article is in German.)Full Story... Read More

Singapore's PDPC publishes feedback on data portability, innovation provisions

(Jan 23, 2020) Singapore's Personal Data Protection Commission published the feedback it received from the public consultation it held on proposed data portability and data innovation provisions for the Personal Data Protection Act. The PDPC got feedback from 44 entities in various sectors. On the proposed data portability requirement, the majority of respondents "did not object to the proposal for the Data Portability Obligation to apply to organisations that are presently covered by the PDPA’s Data Protectio... Read More

Mixed reactions to ICO's proposed children's privacy code

(Jan 23, 2020) No one would disagree that children are a vulnerable population. That's why we put measures in place to protect them from adult things: film ratings, car seats and age restrictions on smoking, for example. So why would protections not extend to the digital world, Information Commissioner Elizabeth Denham asked this week as her office unveiled a set of rules known as the "Age Appropriate Design Code." After all, one in five U.K. internet users is a child.   The code, which will require parliamen... Read More

Lawyers support privacy commissioner’s stronger powers against 'doxing'

(Jan 23, 2020) A plan to give Hong Kong’s Office of the Privacy Commissioner for Personal Data the power to conduct criminal investigations into "doxing," launch prosecutions, remove doxing content from social media, and require platforms to turn over names and IP addresses of doxers has received support from legal experts, the South China Morning Post reports. Lawyers and scholars called for safeguards to allow for fair criticism and scrutiny of public officials. "If a law can be tailored so that it only catc... Read More

Greek DPA fines petroleum company 150K euros for GDPR violations

(Jan 23, 2020) The Hellenic Data Protection Authority fined Aegean Marine Petroleum Network 150,000 euros for alleged violations of the EU General Data Protection Regulation, reports. The agency found outside companies had the ability to access and copy personal information found within Aegean's servers. Aegean failed to notify data subjects of any processing of personal information found within those servers. The DPA also found Aegean did not take the proper technical measures to ensure any data pr... Read More

Hong Kong considers PDPO amendments

(Jan 23, 2020) The Hong Kong Privacy Commissioner for Personal Data and the Constitutional and Mainland Affairs Bureau have proposed possible amendments to the Personal Data (Privacy) Ordinance, Lexology reports. As part of the development of the amendments, the privacy commissioner examined laws in Australia, Canada, Singapore, New Zealand and the EU. The two agencies laid out the amendments in a consultation paper, which includes the introduction of data breach notification requirements, data retention perio... Read More

ICO: Adtech companies need to comply with GDPR

(Jan 23, 2020) At an Interactive Advertising Bureau event in London, Information Commissioner’s Office Head of Technology and Policy Ali Shah said the regulator will use its “full power” to bring advertising technology companies into compliance with the EU General Data Protection Regulation, Digiday reports. The ICO said many companies are not currently complying and, in June, gave six months for them to meet stipulations. “The window to sit back and see what happens has closed,” Shah said. Crownpeak Chief Pro... Read More