Debevoise Data Blog

OCTOBER 12, 2021

million fine against Austrian Post for channelling electronic data protection-related inquiries to a web form and not offering an additional email address, irrespective of the data subject option to also use non-electronic postal mail or customer service. Standard Contractual Clauses).

Data protection 52

Data protection Failure-to-appear Compliance e-records 52

Debevoise Data Blog

AUGUST 16, 2023

. : Business may want to revisit their cross-border data transfer arrangements following the new adequacy decision for the EU-U.S. Data Privacy Framework, assess whether they are eligible to self-certify and, if they are, whether it makes sense to. Data Privacy Framework (the “DPF”).

Data protection 40

Data protection Analytics Compliance Time-tracking 40

Debevoise Data Blog

AUGUST 25, 2022

On 18 July 2022, the UK government published the Data Protection and Digital Information Bill (the “Bill”), which proposes reforms to the UK’s data protection and e-privacy landscape in-line with the National Data Strategy.

Data protection 52

Data protection e-records 52

Debevoise Data Blog

FEBRUARY 20, 2023

Orange established a mobile telephone contract and SIM card without adequately verifying the customer’s data, resulting in identity theft and data processing of a victim’s personal data without consent. To subscribe to the Data Blog, please click here.

Data protection 52

Data protection Compliance e-records Court 52

Debevoise Data Blog

NOVEMBER 10, 2020

ICO targets the data broking industry : On 27 October, the ICO demanded that Experian make sweeping changes to data protection practices within its direct marketing business within three months or face further enforcement action. We will continue to report on developments as Experian’s appeal progresses.

Data protection 52

Data protection Intellectual Property e-records Machine learning 52

Debevoise Data Blog

FEBRUARY 10, 2021

As covered in our Annual Review , 2020 was a blockbuster year for European data protection. has appealed , both penalties show that companies need to be wary not only of how they treat customer data, but also employee data. Spanish DPA hands CaixaBank record €6m fine. While Notebooksbilliger.de website.

Data protection 52

Data protection Time-tracking Defendant Court 52

Debevoise Data Blog

SEPTEMBER 20, 2023

This webinar satisfied the new requirement of 1 credit hour of CLE in cybersecurity, privacy and data protection for lawyers admitted in New York, effective July 1, 2023. The cover art used in this blog post was generated by DALL-E. The program is appropriate for experienced attorneys only.

e-records 52

e-records Lawyer Data protection Legal education 52

Debevoise Data Blog

APRIL 14, 2023

The PRA strongly criticised Wyelands’ lack of record-keeping policies and procedures to manage the use of WhatsApp communications, which the PRA found had prevented the bank’s Board and Risk function from effectively scrutinising transactions, as well as hindering the PRA’s supervision and investigation activities.

e-records 52

e-records Compliance e-filing Data protection 52

Debevoise Data Blog

OCTOBER 10, 2023

In this blog post, we outline eight questions businesses may want to ask when developing or adopting new Generative AI tools or when considering new use cases involving GDPR-covered data. Importantly, if you have a lawful basis to process personal data for one purpose (e.g., What can you do? What can you do? What can you do?

Data protection 52

Data protection e-records Compliance Law 52

Debevoise Data Blog

NOVEMBER 29, 2023

Analogous to the influential role played by the EU’s GDPR in shaping the contours of global data privacy laws, the EU AI Act similarly has the potential to influence the worldwide evolution of AI regulation. To subscribe to the Data Blog, please click here. The cover art used in this blog post was generated by DALL-E.

Compliance 52

Compliance Data protection e-records Law 52

Debevoise Data Blog

FEBRUARY 27, 2024

GDPR one-stop-shop: Businesses wishing to take advantage of the GDPR one-stop-shop system should take note of a new digest, published by the European Data Protection Board, which analyses the decisions made by so-called Lead Supervisory Authorities in this context.

Data protection 52

Data protection Compliance Court e-records 52

Legal Tech Blog

DECEMBER 8, 2022

While these are necessary to help reduce complacency towards internal data protection compliance and ensure organisations actively work to reduce their exposure, it isn’t always easy for companies to align. In the case of e-discovery , for example, artificial intelligence is already being leveraged to great effect.

e-discovery 52

e-discovery Compliance Machine learning Due diligence 52

Debevoise Data Blog

OCTOBER 11, 2021

The PIPL has been referred to as China’s version of Europe’s General Data Protection Regulation (“GDPR”), given that the PIPL in substance mimics many of GDPR’s restrictions on the usage and collection of personal information. 3 Article 2. 4 Article 4. 5 Article 3. 6 Article 53. 7 Articles 33 and 34. 8 Articles 5-10.

Law 52

Law Law e-records Compliance 52

Debevoise Data Blog

JULY 31, 2023

Data Privacy Framework (the “DPF”). The decision enables businesses in Europe to transfer personal data to DPF-certified U.S. businesses without having to implement additional data protection safeguards. Data subjects may lodge complaints through both U.S.- UK and Swiss Data Transfers to the U.S.

Data protection 52

Data protection Dispute resolution e-filing e-records 52

Berkley Technology Law Journal

NOVEMBER 18, 2022

Legislation empowers the European Commission to designate certain tech companies as gatekeepers and impose obligations on them in relation to data, advertising, e-commerce, interoperability, and the commercial relationships between the service providers customers and end users. One idea is the idea of data portability.

Law 52

Law Law Data protection Court 52

Berkley Technology Law Journal

NOVEMBER 18, 2022

Legislation empowers the European Commission to designate certain tech companies as gatekeepers and impose obligations on them in relation to data, advertising, e-commerce, interoperability, and the commercial relationships between the service providers customers and end users. One idea is the idea of data portability.

Law 40

Law Law Data protection Court 40

Debevoise Data Blog

JANUARY 14, 2022

27] Examples include the telemarketing sales rule, children’s online privacy protection rule, and health breach notification rule. [28] In order to bring an action under this provision, the FTC must establish that the defendant had actual or constructive knowledge ( e., To subscribe to our Data Blog, please click here.

Compliance 52

Compliance Court Litigator Litigation 52