Debevoise Data Blog

OCTOBER 12, 2021

million fine against Austrian Post for channelling electronic data protection-related inquiries to a web form and not offering an additional email address, irrespective of the data subject option to also use non-electronic postal mail or customer service. These developments, and more, covered below.

Data protection 52

Data protection Failure-to-appear Compliance e-records 52

Debevoise Data Blog

JANUARY 21, 2021

In this post, we look back at the 2020 European data protection landscape and five trends that help companies understand not only where we are, but where data protection enforcement, litigation, and practice may be headed. million against Marriott for its 2018 data breach When you dig deeper though, two key points emerge.

Data protection 52

Data protection Litigation Litigator Failure-to-appear 52

Technology Law Dispatch

MARCH 24, 2023

On 8 March 2023, the UK government presented a new version of the UK Data Protection and Digital Information Bill No.2. As with the previous bill, the new bill aims to alleviate the burden of compliance with the UK GDPR and its implementing UK Data Protection Act (2018) for organisations in the UK.

Data protection 52

Data protection Failure-to-appear Compliance Software 52

Debevoise Data Blog

APRIL 26, 2024

Key takeaways from March include: CNIL data security practice guide: The French DPA published an update of its data security practice guide for data protection officers, chief information security officers, computer scientists and legal experts. 33(2) GDPR relating to the same personal data breach.

Data protection 52

Data protection e-records Compliance Court 52

Debevoise Data Blog

MAY 12, 2023

Key takeaways this April include: UK children’s data protection focus continues: Businesses may wish to review policies and procedures for dealing with children’s data in light of recent UK ICO fines and guidance, especially to ensure that terms of use are adequately enforced. UK ICO fines TikTok £12.7

Data protection 52

Data protection Software design Machine learning Software 52

Debevoise Data Blog

FEBRUARY 27, 2024

GDPR one-stop-shop: Businesses wishing to take advantage of the GDPR one-stop-shop system should take note of a new digest, published by the European Data Protection Board, which analyses the decisions made by so-called Lead Supervisory Authorities in this context.

Data protection 52

Data protection Compliance e-records Court 52

Debevoise Data Blog

NOVEMBER 21, 2023

Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on GDPR compliance when developing AI tools; and (ii) the UK ICO issued a preliminary enforcement notice against Snap over its AI chatbot, alleging that Snap had not adequately assessed the privacy risks posed to child users of the tool.

Data protection 52

Data protection Compliance Failure-to-appear e-records 52

Legal IT Group

JANUARY 30, 2023

This is the amount of a fine paid by a well-known company for violating the rules of the European General Data Protection Regulation (the GDPR). In this article, you will learn about the top 7 largest fines of 2022 and the personal data practices that should be avoided in your business. Is 1,000 EUR a lot for a business?

Compliance 130

Compliance Data protection Analytics Law 130

Ikigai Law

AUGUST 11, 2023

“If you don’t see me in half a decade, just wait a little longer” – India’s data protection bill ( circa 2018 ) On 9 th August, the Digital Personal Data Protection Bill, 2023 was finally passed in the Parliament. The finish line – the new data bill What stood out?

Data protection 52

Data protection Law Law 52

Technology Law Dispatch

OCTOBER 20, 2023

The Guidance provides advice to companies to help them comply with their obligations under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018) when monitoring anyone who performs work on their behalf. their right of erasure).

Data protection 72

Data protection Law Law 72

Legal Tech Blog

SEPTEMBER 7, 2023

New data protection laws, increasing regulation, greater risk of cyber attacks: The challenges for entrepreneurs are becoming ever greater. On September 1, a new data protection law (revDSG) has come into force in Switzerland. However, compliance can be largely automated through artificial intelligence.

Compliance 70

Compliance Data protection Legal tech Legal tech 70

Legal IT Group

FEBRUARY 22, 2023

The General Data Protection Regulation, or GDPR, prohibits data controllers from forcing users to consent to personal data collection in exchange for a service. Meta Platforms allowed users to opt out of ad personalization for many years based on data from other websites and mobile apps.

Data protection 130

Data protection Time-tracking e-filing e-records 130

Legal Tech Monitor

MAY 22, 2023

The ruling contains the largest data privacy fine to be issued in the European Union since the bloc’s General Data Protection Regulation, or GDPR, came into force in 2018 and follows more than a decade of court standoffs.

Data protection 59

Data protection Court 59

Debevoise Data Blog

SEPTEMBER 25, 2024

However, data controllers and processers should be aware that the UK’s Information Commissioner’s Office (“ICO”) can also carry out dawn raids as part of investigations into compliance with data protection laws. unlawfully obtaining personal data). Train key staff on protocols and procedures for dawn raids.

Data protection 52

Data protection Failure-to-appear Court Judge 52

Inside Privacy

OCTOBER 17, 2023

On 3 October 2023, the UK Information Commissioner’s Office (“ ICO ”) finalized its Employment practices and data protection − Monitoring workers guidance (“ Guidance ”) to account for new types of work, including work from home, and the use of more sophisticated technologies for monitoring.

Data protection 65

Data protection Time-tracking Case management Compliance 65

Legal IT Group

FEBRUARY 21, 2023

Moreover, since 2018, IAB Ukraine has had its own representative office in Ukraine. The purposes of processing personal data and possible permission forms the user can provide are outlined for the Vendor. Although we will focus on IAB Canada in this article, there is a similar regional representation in Europe.

Data protection 130

Data protection Compliance Law Law 130

Vogel IT Law

APRIL 4, 2023

HealthCareInfoSecurity.com reported that “A user of the now-shuttered BreachForums in April 2021 posted a data set of 533 million Facebook profiles, including mobile numbers, email addresses and names scraped from the site in 2018 and 2019.” Facebook reported revenue of $23 billion in 2022 and $39 billion in 2021.

Data protection 52

Data protection Court Litigation Litigator 52

Inside Privacy

JANUARY 24, 2024

On 15 January 2024, the UK’s Information Commissioner’s Office (“ICO”) announced the launch of a consultation series (“Consultation”) on how elements of data protection law apply to the development and use of generative AI (“GenAI”). Interested stakeholders are invited to provide feedback to the ICO by 1 March 2024.

Data protection 61

Data protection Intellectual Property Compliance Law 61

Inside Privacy

APRIL 12, 2023

These requirements cover a wide range of issues that are frequently debated in relation to the governance of generative AI globally, such as data protection, non-discrimination, bias and the quality of training data.

Intellectual Property 138

Intellectual Property Data protection Law Law 138

Liquid Litigation Management, Inc.

JULY 24, 2019

As we’ve seen with the recent Equifax settlement, data breaches can have a huge impact on organizations and those individuals effected. The first heading of the report says it all, “2018 – Some Better, Some Worse, All Bad.” Data breaches were down 3.2 led with an estimated loss of $45 billion in 2018.

Data protection 52

Data protection Litigation Litigator 52

Debevoise Data Blog

NOVEMBER 24, 2020

EU authorities have understandably declined to put forward a single list of mandatory data security controls that apply to all companies subject to the GDPR. million fine imposed by the UK Information Commissioner’s Office (“ICO”) against Ticketmaster for alleged data security failings that exposed customer payment card data.

Data protection 52

Data protection Compliance Failure-to-appear Software 52

Richmond Journal of Law and Technology

MAY 2, 2023

The African Union (AU) member states and Economic Community of West African States (ECOWAS) member states are obligated to respect, protect, and promote the right to privacy and personal data protection, as stated in their declarations and conventions. [12] 12] To ensure compliance and mitigate risks, U.S. 15] Ultimately, U.S.

Data protection 52

Data protection Compliance Due diligence Law 52

Technology Law Dispatch

MARCH 6, 2023

If you can remember as far back as December 2021, we published a blog post announcing that the European Data Protection Board (EDPB) published draft guidelines on the interplay between the territorial scope of the GDPR and the international transfer requirements.

Data protection 52

Data protection 52

Debevoise Data Blog

FEBRUARY 8, 2021

As anyone following the fallout from the Court of Justice of the European Union’s decision in Schrems II will know, the GDPR restricts the transfer of personal data to “third countries”, including the U.S., This requires firms to share only personal data that is truly necessary for the stated purpose of the data request.

Data protection 52

Data protection Compliance Court Law 52

MatterSuite

DECEMBER 12, 2024

Why is Data Compliance Important? Failure to adhere to the security framework regarding data protection can lead to high fines and even court cases. General Data Protection Regulation (GDPR) Europe introduced a data protection law, which is the GDPR, in 2018 for businesses handling personal and private personal information.

Compliance 52

Compliance Data protection Failure-to-appear Time-tracking 52

Discovery Advocate

NOVEMBER 26, 2018

The Clarifying Lawful Overseas Use of Data Act (Pub. 115-141 (2018), or the CLOUD Act, was enacted in the U.S. on March 23, 2018, in response to difficulties U.S. Microsoft litigation, in which Microsoft had argued that it was not required to provide access to its users’ private data stored on Dublin servers.

Court 52

Court Data protection Litigation Litigator 52

Discovery Advocate

APRIL 23, 2018

6, 2018, the Article 29 Working Party (Working Party 29) published Working Paper 261 (WP 261), which provided guidance on the provisions of Article 49 of the European Union’s (EU) General Data Protection Regulation (GDPR).

e-discovery 52

e-discovery Data protection Litigation Litigator 52

new tech law blog

DECEMBER 2, 2022

Entities transferring personal data outside the European Economic Area on the basis of standard contractual clauses that are no longer in force (where the transfer began before 27 September 2021) should conclude agreements based on new clauses by 27 December 2022.

Data protection 52

Data protection Compliance Court 52

Debevoise Data Blog

NOVEMBER 12, 2021

Mr Lloyd alleged that Google breached its duties as a data controller under the Data Protection Act 1998 (“DPA”) when it implemented the ‘Safari Workaround’. Google was initially successful before the first instance judge in 2018. This was reversed by the Court of Appeal in 2019.

Data protection 52

Data protection Court Judge Litigator 52

Clio

JANUARY 30, 2024

GDPR : To help address global needs for enhanced data security, in 2018, Europe introduced a unified data protection law, the General Data Protection Regulations (GDPR). CCPA : In 2018, the state of California enacted the California Consumer Privacy Act (CCPA) , which came into effect in 2020.

Law firm 98

Law firm Law Law Due diligence 98

Debevoise Data Blog

AUGUST 18, 2021

The penalty resolves charges that Pearson misled investors related to a 2018 data breach. According to the SEC’s Order , on March 21, 2019, Pearson learned that millions of rows of data had been accessed and downloaded by a threat actor exploiting an unpatched security vulnerability. securities issuer.

Data protection 40

Data protection Software Law Law 40

Technology Law Dispatch

SEPTEMBER 14, 2023

On August 18, 2023, the Fourth Circuit decertified approximately 20 million putative class action claims arising out of a 2018 data breach involving Marriott Hotels.

Defendant 52

Defendant Lawsuit Court Litigation 52

Percipient

APRIL 22, 2023

Parker Hannifin Corporation, No 8:16-cv-00909 (July 12, 2018), the court refused to shift expenses “incurred due to. Companies Generally May Not Charge for GDPR and CCPA Data Requests Nowadays, third party requests for information are not always related to lawsuits and legal disputes.

e-discovery 97

e-discovery Court e-records Litigation 97

Ikigai Law

AUGUST 7, 2023

Main Course : Deep dive stories on card network portability, and impact of the data protection bill on fintechs. Main Course Fintech and the Data Protection Bill No piece of legislation has taken more punches than our elusive data protection law. The data law is nearly here! No, not so fast.

Data protection 52

Data protection Law Law e-records 52

Legal Expert Connections

SEPTEMBER 19, 2018

The OMB memo states, “The strongest privacy and integrity protection currently available for public web connections is Hypertext Transfer Protocol Secure (HTTPS).” Protecting Your Law Firm Website with HTTPS Beginning in July 2018 with the release of Chrome 68, Chrome is now marking all HTTP sites as “not secure.”

Law firm 52

Law firm Law Law Data protection 52

Debevoise Data Blog

MARCH 11, 2021

The recent publication of the SEC’s 2021 Division of Examination Priorities (the “2021 Priorities”) presents an opportunity to look back at the cybersecurity work of the SEC in 2020 and speculate about the SEC’s examination and enforcement priorities for data protection in the coming year for RIAs.

Compliance 52

Compliance Data protection Attorney 52

Inside Privacy

FEBRUARY 1, 2024

In this blog post, we outline the current and forthcoming EU legislation on the international transfer of non-personal data. Some of this legislation has been enacted recently, and other legislation on this topic is making its way through the legislative process but has yet to be adopted. X (Recent Council versions remove this obligation.)

Intellectual Property 72

Intellectual Property State law Court Compliance 72