Unsolicited marketing: the right approach for e-billing in light of GDPR

In a recent study by consumer body Which?, several major retailers were potentially at risk for violations of data protection regulations by sending marketing content to customers via e-receipts – the same customers who specifically requested not to be contacted for promotional offerings.

It comes as no surprise that retailers are determined to deploy such a high engagement tactic, but it does not take a GDPR expert to work out that turning transactional communications into a marketing opportunity requires thorough understanding of the rules about what can and cannot be done.

Full article: Unsolicited marketing: the right approach for e-billing in light of GDPR – GDPR.Report

Geofencing rises privacy concerns

Geofencing is becoming increasingly popular as a means by which to deliver hypertargeted advertising content.

At the same time, today’s data privacy regulatory environment is increasingly aggressive and gaining international momentum. Geofencing raises a number of legal concerns that digital marketers must consider to avoid being caught in regulatory crosshairs.

Full article: Geofencing Could Become A Magnet For Regulatory Scrutiny | AdExchanger

Brazil Investigates Google For Alleged Privacy Breach

The Ministry of Justice, through its Consumer Affairs Department, filed an administrative proceeding against the Google subsidiary in Brazil after receiving a complaint from Attorney General’s office regarding an alleged violation of privacy to emails belonging to Brazilian citizen. If convicted, Google could be fined up to R$ 9.7 million (US$ 2.6 million).

Source: Ministry Of Justice Investigates Google For Alleged Privacy Breach – 08/02/2019 – Business – Folha

IAB Europe to release updated consent framework

The Interactive Advertising Bureau (IAB) Europe is incorporating feedback from publishers, including Google, as it preps the latest version its Transparency and Consent Framework (TCF) later this year.

Google, which has continued to postpone its official alignment with the General Data Protection Regulation (GDPR) consent tool, said it will officially integrate the framework as a recognized TCF vendor after the release.

Source: Exclusive: IAB Europe to release updated consent framework later this year, Google to sign on – MarTech Today

How to comply with both the GDPR and the CLOUD Act

U.S. CLOUD Act’s compatibility with the EU General Data Protection Regulation is still an open question.

With regard to data transfer to third countries for which such transfer is subject to the GDPR, Articles 44 to 50 of the GDPR apply. In particular, Article 48 of the GDPR comes into play when EU data is being requested by a U.S. law enforcement agency.

Full article: How to comply with both the GDPR and the CLOUD Act

“Copycat CCPA” Bills Introduced in States Across Country

Privacy has been a hot topic for state legislatures in the first month of the year. Legislators in nine states have introduced draft bills that would impose broad obligations on businesses to provide consumers with transparency and control of personal data.

Source: “Copycat CCPA” Bills Introduced in States Across Country

Company closure and 4-year ban for director after marketing regulation breach

A director of a lead generating service has been banned for four years after failing to ensure his company complied with text message regulations.

Lad Media Limited sent over 393,000 SMS messages were sent to members of the public, including to individuals whom had withdrawn their consent regarding the receipt of marketing texts or calls.

Irrespective of Lad Media’s claim that the illegal marketing had not been their fault, but was instead due to the actions of third parties, the ICO imposed a fine of £20,000.

Source: Company closure and 4-year ban for director after marketing regulation breach

Irish watchdog issues ‘no deal’ Brexit data transfers guidance

Businesses in Ireland have been urged to ensure that their transfer of personal data to the UK in a ‘no deal’ Brexit scenario is compliant with data protection law.

The guidance was issued by the Data Protection Commission (DPC) in Ireland and highlighted the use of standard contract clauses (SCCs) endorsed by the European Commission as a means of ensuring compliance, but a data protection law experts have warned that the use of SCCs alone may not be sufficient for Irish company to demonstrate compliance.

Source: Irish watchdog issues ‘no deal’ Brexit data transfers guidance

Data location vendor worked with GDPR regulator on data consent model, yielding 70% opt-in rates

Last August French privacy regulator CNIL cited two French location-intelligence companies (Fidzup and Teemo) as non-compliant with GDPR consent rules (as well as French privacy law).

Teemo then worked cooperatively with CNIL to develop specific consent language around third-party use of location data. Surprisingly, but the opt-in rates were 70%. Teemo says that transparency gives consumers a sense of control and they respond positively as a result.

Source: Data location vendor worked with GDPR regulator on data consent model, yielding 70% opt-in rates – MarTech Today

USA Big Tech encouraged to adopt GDPR-style rules

The multinational tech conglomerate, Cisco Systems has urged tech companies in the US to embrace more regulation and to follow the example of the EU’s General Data Protection Regulation (GDPR).

The group’s chief legal and compliance officer, Mark Chandler, has said regulation is now due; his calls add volume to the demands being made on US politicians to increase scrutiny and power over tech companies, against a backdrop of increasing global awareness of the importance of data security.

Source: USA Big Tech encouraged to adopt GDPR-style rules

>