Free tools and resources for Data Protection Officers!

Category Archives for "Legislation"

EU reached deal on improved law enforcement access to financial information to curb crime

New rules improving law enforcement authorities’ access to financial information to investigate serious crime were informally agreed with Council negotiators.

The agreed text now needs to be formally approved by the Civil Liberties Committee, Parliament as a whole and the Council before entering into force.

Source: Deal on improved law enforcement access to financial information to curb crime | News | European Parliament

Advocacy groups call on Congress to address discrimination in privacy laws

The civil rights groups aim to fix issues like discriminative advertising, voter suppression and targeted misinformation.

The letter said data security and privacy abuses have harmed marginalized communities. Such abuses include deceptive voter suppression, misinformation targeting African Americans, and discriminatory government surveillance.

Source: ACLU, NAACP call on Congress to address discrimination in privacy laws – CNET

California governor wants users to profit from online data

California Gov. Gavin Newsom says the state’s consumers should get a piece of the billions of dollars that technology companies make off the personal data they collect.

The new governor has asked aides to develop a proposal for a “data dividend” for California residents but provided no hints about whether he might be suggesting a tax on tech companies, an individual refund to their customers or something else.

Source: California governor wants users to profit from online data | The Sacramento Bee

ICO releases discussion paper on regulatory sandbox

UK data protection authority ICO have published regulatory sandbox discussion paper which explains to potential participants how ICO sees the sandbox working in practice. The paper sets out our thinking so far – from early engagement through to application, sandbox entry and, ultimately, exit.

Source: Blog: ICO regulatory sandbox | ICO

FTC Decides Not to Modify CAN-SPAM Rule

On February 12, the Federal Trade Commission (“FTC”) announced that, after a review of the Controlling the Assault of Non-Solicited Pornography and Marketing Act (“CAN-SPAM”) Rule as part of its periodic review of its regulations, it has determined that the Rule does not need to be modified at this time.

Source: FTC Decides Not to Modify CAN-SPAM Rule

Unsolicited marketing: the right approach for e-billing in light of GDPR

In a recent study by consumer body Which?, several major retailers were potentially at risk for violations of data protection regulations by sending marketing content to customers via e-receipts – the same customers who specifically requested not to be contacted for promotional offerings.

It comes as no surprise that retailers are determined to deploy such a high engagement tactic, but it does not take a GDPR expert to work out that turning transactional communications into a marketing opportunity requires thorough understanding of the rules about what can and cannot be done.

Full article: Unsolicited marketing: the right approach for e-billing in light of GDPR – GDPR.Report

How to comply with both the GDPR and the CLOUD Act

U.S. CLOUD Act’s compatibility with the EU General Data Protection Regulation is still an open question.

With regard to data transfer to third countries for which such transfer is subject to the GDPR, Articles 44 to 50 of the GDPR apply. In particular, Article 48 of the GDPR comes into play when EU data is being requested by a U.S. law enforcement agency.

Full article: How to comply with both the GDPR and the CLOUD Act

“Copycat CCPA” Bills Introduced in States Across Country

Privacy has been a hot topic for state legislatures in the first month of the year. Legislators in nine states have introduced draft bills that would impose broad obligations on businesses to provide consumers with transparency and control of personal data.

Source: “Copycat CCPA” Bills Introduced in States Across Country

USA Big Tech encouraged to adopt GDPR-style rules

The multinational tech conglomerate, Cisco Systems has urged tech companies in the US to embrace more regulation and to follow the example of the EU’s General Data Protection Regulation (GDPR).

The group’s chief legal and compliance officer, Mark Chandler, has said regulation is now due; his calls add volume to the demands being made on US politicians to increase scrutiny and power over tech companies, against a backdrop of increasing global awareness of the importance of data security.

Source: USA Big Tech encouraged to adopt GDPR-style rules

1 2 3 102
>