If you manage a company that collects and otherwise processes personal data (which is just about every company, these days), you may need to protect your own pocketbook. As governments across the globe continue to enact and enforce data privacy, data protection, and cybersecurity laws, data becomes more readily available, and the volume of incidents
The Current State of General State Privacy Laws
It’s a great time to be a privacy attorney. On October 17, 2022, the California Privacy Protection Agency (CPPA) released the next draft of the regulations under the California Privacy Rights Act of 2020 (CPRA) as well as a document explaining the proposed modifications. Two days of public hearings were recently held on October 21-22…
Is your organization ready for global privacy regulations?
The Internet Society’s Online Trust Alliance (OTA) released a report this week that measured 1200 U.S.-based organizations’ readiness for three major global privacy regulations: the General Data Protection Regulation (GDPR) in the European Union, the California Consumer Privacy Act (CCPA) in the United States that goes into effect January 1, 2020, and the Personal Information…
Email tracking services – are they really worth it?
As illustrated in this recent article in Wired, email tracking services and their counterparts, anti-tracking services, have been rapidly gaining ground on the web; to the point that 40% of all email being sent, and 99% of the majority of the emails you receive (newsletters, marketing materials, notifications and transactional emails) are now being…
The more people interact with AI, the more they like it – but that doesn’t diminish their privacy fears
According to a recent Genpact study:
- Nearly two-thirds of consumers (63%) are worried that Artificial Intelligence is going to make decisions that will impact their lives without their knowledge
- Less than one-third (30%) are at least “fairly comfortable” with the idea of companies using AI to access their personal data
- Almost three-quarters (71%) say
PIAs & DETERMINATION OF RISK UNDER GDPR – THE LATEST:
The Article 29 Working Party updated the Guidelines on PIAs and evaluation of risk guidance on October 4, 2017:
Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679
CNIL created a PIA Infography to outline the main principles. Keep…
Your Car and GDPR
CNIL, the French DPA, published a new Compliance Pack called “Connected Vehicles: A Compliance Pack for Responsible Data Use” on October 17, 2017. CNIL broke its guidance into three scenarios:
- Personal data remains in the car
- Personal data is transmitted externally to provide a service to the individual
- Personal data is transmitted outside
GDPR Data Breach & Profiling Guidelines and last chance to comment!
The Article 29 Working Party published two Guidelines related to GDPR:
Guidelines on Personal data breach notification under Regulation 2016/679, wp250
Guidelines on automated individual decision-making and profiling for the purposes of Regulation 2016/679, wp251
The Guidelines are open for comments until November, 28, 2017. Comments should be sent to JUST-ARTICLE29WP-SEC@ec.europa.eu and firstname.lastname@example.org.