fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " law "

California Considers Amending New Privacy Law

The California senate judiciary committee is expected to consider amendments that could significantly water down the state’s landmark privacy law.

One of the amendments would revise the definition of “de-identified” data to include material that is not “reasonably linkable” to a particular consumer. That would make the law more friendly to online marketers by exempting IP addresses, device identifiers and other pseudonymous identifiers from the material covered by the measure.

Another proposed amendment would weaken a provision that prohibits companies from charging higher prices to consumers who opt out of data collection and selling.

Source: California Considers Amending New Privacy Law 07/09/2019

Why Is America So Far Behind Europe on Digital Privacy?

Americans have been far too vulnerable for far too long when they venture online.

It’s taken more than a decade of shocking revelations — of data breaches
and other privacy abuses — to get to this moment, when there finally seems to be enough momentum to pass a federal law.

Full article: Opinion | Why Is America So Far Behind Europe on Digital Privacy? – The New York Times

The EU Cybersecurity Act Introduces Certifications and the New Cybersecurity Agency

On June 27, 2019, the EU Regulation on Information and Communication Technology (Cybersecurity Act or Act) became effective introducing, for the first time, EU-wide rules for the cybersecurity certification of products and services (Certification).

he Certification may create a competitive advantage for companies that sell their products and services in the EU. Further, the Certification may act as a catalyst to the anticipated certifications for GDPR-compliance.

In addition, the Cybersecurity Act provides for a new permanent mandate for the EU Agency for Cybersecurity (ENISA) with new responsibilities.

Source: The EU Cybersecurity Act Introduces Certifications and the New Cybersecurity Agency

German Bundestag approves 2nd German Data Protection Adaptation Act

On 28 June 2019, the German Bundestag passed the 2nd German Data Protection Act (“2nd DSAnpUG”) which will amongst other things further adapt the German Federal Data Protection Act („BDSG“), the German Federal Registration Act (“BMG”), the German Act on the Federal Office for Security in Information Technology (“BSI-Act”) and the Act on the Establishment of a Federal Institute for Digital Radio of Authorities and Organizations with Security Responsibilities (“BDBOS-Act”) to the provisions of the General Data Protection Regulation („GDPR“).

Full article: German Bundestag approves 2nd German Data Protection Adaptation Act (“2nd DSAnpUG”): Summary of significant changes for German data protection laws.

New rules for biometric EU identity and residence cards given final approval

The European Union’s Council has approved new rules for biometric fingerprint and photo security features of identity and residence cards, as proposed by the European Commission.

The biometric features of European ID cards will be stored on a contactless chip, making them similar in security to passports.

Source: New rules for biometric EU identity and residence cards given final approval | Biometric Update

Pressure mounts on patchwork data privacy laws across US states

Enterprise resistance to tightening data privacy standards is increasing in the US, as states develop their own online data protection laws.

Among the nation’s most stringent restrictions upon ISPs (internet service providers), a law put in place in Maine last month prevents companies from using, selling or sharing consumer data without the data owner’s consent.

Source: Pressure mounts on patchwork data privacy laws across US states

Facebook and Google could be forced to tell you how much your data is worth under new US legislation

Tech companies like Facebook and Google could be forced to reveal how much individual users’ data is worth to them under new legislation in the US, according under new legislation in the US.

Putting a dollar figure on how much people’s data is worth is unlikely to be straightforward for the companies involved and the bill could provoke opposition.

Source: Facebook and Google could be forced to tell you how much your data is worth under new US legislation | Business Insider India

Navigating Privacy and Data Security Issues in Mergers, Acquisitions and Other Transactions

This article discusses how legal frameworks involving U.S. federal and state law, the EU General Data Protection Regulation, antitrust law and other relevant legal regimes may affect how a company can use personal information following a transaction.

The article also addresses key questions companies should ask during the due diligence process, how answers to those questions impact the deal documents and offers post-closing strategies companies should consider.

Source: Navigating Privacy and Data Security Issues in Mergers, Acquisitions and Other Transactions

Draft data protection law submitted to Parliament of Georgia

The State Inspector presented the legislative proposal to the Parliament of Georgia aimed at bringing the Georgia’s personal data protection law to in line with EU legislation.

The Draft Law includes provisions on the principles of data processing, data subject rights, child consent, deceased persons data processing, monitoring, direct marketing, data controller and data processor’s obligations, data transfers, enforcement and penalties for non-compliance.

Source: Personal Data Protection Inspector’s Office

Consumer contract law in the age of data

As part of its 2015 Digital Single Market Strategy, the European Commission proposed modernising the rules applicable to sales of goods and introducing similar rules for the supply of digital content (such as digital films, music, e-books, applications) and digital services (such as social media platforms, on-line games, pay-per-view access to films, cloud computing, etc.).

After more than 3 years of negotiations, the EU adopted a package comprising a directive on contracts for the supply of digital content and services and a directive on contracts for the sale of goods, both applicable in B2C relations.

Full article: The EU makes B2C contract law enter the age of data

>