Inside Privacy

MARCH 14, 2023

On March 13, 2023, the CNIL published a statement announcing that it reminded these two organizations of their legal obligations under the French data protection framework. Despite being found in breach of the French data protection rules, none of the audited organizations were fined.

Data protection 65

Data protection Compliance 65

Ikigai Law

AUGUST 4, 2023

India’s Digital Personal Data Protection Bill 2023 was introduced in Parliament on 3 August 2023. Once passed, the law will govern how businesses collect and use individuals’ data. What data is covered? Personal data, i.e., data about an individual that can identify them. What else should fiduciaries do? (a)

Data protection 52

Data protection Law Law e-records 52

Debevoise Data Blog

JUNE 27, 2024

Our top five European data protection developments from May are: UK guidance on ransom payments: The UK NCSC and various insurance industry bodies co-published guidance on key considerations for ransomware payments. 22, then there must be sufficient human-involvement in that processing for it to be GDPR-compliant.

Data protection 52

Data protection Software e-records Compliance 52

Debevoise Data Blog

AUGUST 27, 2024

Building on prior European guidance , the French and Irish DPAs published guidance on the deployment of generative AI, large language models and data protection. To that end, the EDPB proposed designating DPAs as the “national competent authorities” under the AI Act to create a single point of contact.

Data protection 52

Data protection Compliance Litigator Litigation 52

Debevoise Data Blog

SEPTEMBER 23, 2024

Our top-five European data protection developments from August are: Uber fined for personal data transfer: The Dutch Data Protection Authority fined Uber €290 million for the unlawful transfer of European drivers’ personal data to the U.S., without sufficient safeguards.

Data protection 52

Data protection Court Software Compliance 52

Debevoise Data Blog

MAY 28, 2024

EDPB “Consent or pay” models: Businesses operating large online platforms should consider the European Data Protection Board’s recent opinion indicating that “consent or pay” models are unlikely to be GDPR-compliant.

Data protection 52

Data protection Compliance Law Law 52

Ikigai Law

AUGUST 9, 2023

No piece of legislation has taken more punches than our elusive data protection law. The data law is nearly here! The Digital Personal Data Protection Bill, 2023 was introduced in Parliament on 3 August 2023. Say you are a payment aggregator or a KYC service provider or an AI-based data analytics service provider.

Data protection 52

Data protection Analytics Compliance Law 52

Debevoise Data Blog

JULY 30, 2024

Our top five European data protection developments from June are: Non-material damage under GDPR: The CJEU clarified the scope of compensation for non-material damage in the context of identity theft and data subjects’ fear that their personal data had been exposed. To subscribe to the Data Blog, please click here.

Data protection 52

Data protection Time-tracking Mediator Analytics 52

Legal IT Group

JUNE 26, 2023

In that case, you also need to be aware of whether the data protection rules are not violated. Source: Drones and Data Protection What should companies/people who use drones do to be in compliance with privacy regulations? Once again, it depends on the type of drone and the purpose you use it for.

Data protection 52

Data protection Time-tracking Compliance 52

Debevoise Data Blog

SEPTEMBER 27, 2023

The AEPD held that a DPO cannot hold a position that leads them to determine the purposes and means of data processing. The scale and data protection risks associated with such technologies has been further complicated recently by their increasing integration with artificial intelligence systems.

Data protection 52

Data protection Compliance e-filing Court 52

Technology Law Dispatch

OCTOBER 26, 2023

On 3 October 2023, the UK Information Commissioner’s Office organised its annual Data Protection Practioner’s Conference 2023 (DPPC 2023). This year its focus was on Cybersecurity – a topic that concerns organisations across the board. Here are the takeaways from the DPPC 2023 (the event sessions available here ).

Data protection 59

Data protection Due diligence Compliance Law 59

Debevoise Data Blog

NOVEMBER 21, 2023

Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on GDPR compliance when developing AI tools; and (ii) the UK ICO issued a preliminary enforcement notice against Snap over its AI chatbot, alleging that Snap had not adequately assessed the privacy risks posed to child users of the tool.

Data protection 52

Data protection Compliance Failure-to-appear e-records 52

Ikigai Law

AUGUST 8, 2023

A detailed clause-wise analysis of the Digital Personal data Protection Bill 2023 On 7 August 2023, the Lok Sabha passed the Digital Personal Data Protection Bill, 2023. Here’s a primer decoding the basics of the law – who it will affect, what data is covered, what happens if you don’t comply, etc.

Data protection 52

Data protection Law Law 52

Inside Privacy

NOVEMBER 28, 2023

They raise various questions under regulatory and data protection and data security laws. The DiGA Regulation imposes specific data protection and data security requirements on health apps (in addition to safety, functionality, quality and interoperability requirements). 26 of the GDPR.

Data protection 57

Data protection Time-tracking Software Law 57

Debevoise Data Blog

APRIL 26, 2024

Key takeaways from March include: CNIL data security practice guide: The French DPA published an update of its data security practice guide for data protection officers, chief information security officers, computer scientists and legal experts. These developments, and more, are covered below.

Data protection 52

Data protection e-records Compliance Court 52

Legal IT Group

SEPTEMBER 19, 2023

For example, in 2020, the Data Protection Authority of Hamburg imposed a 35.3 This fact became known when the H&M servers encountered a technical error, and the data on the network drive became accessible to all employees for a few hours. Read more about employer monitoring and data protection in our previous article.

Data protection 52

Data protection Compliance e-records Law 52

Technology Law Dispatch

JUNE 23, 2023

On 19 June 2023, the Information Commissioner’s Office (ICO) has released new Guidance on Privacy-Enhancing Technologies (PETs) for Data Protection Compliance. Understanding PETs PETs are software and hardware systems that can help minimize use of personal data use while maximizing information security.

Data protection 52

Data protection Compliance Software Law 52

Debevoise Data Blog

DECEMBER 22, 2023

For example, the Garante notes the need to incorporate data protection by design and by default principles within any AI systems used in the healthcare space. In particular, the paper recommends the use of internal data access controls, regular auditing of data security measures, and the use of data protection impact assessments.

Data protection 52

Data protection Time-tracking Compliance Machine learning 52

Legal Tech Monitor

FEBRUARY 22, 2024

How do you navigate this ever-changing data protection and privacy landscape?

Data protection 52

Data protection 52

Technology Law Dispatch

AUGUST 2, 2023

The Summer 2023 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released: English version German version This edition covers the following topics: New adequacy decision for EU-U.S. data transfers CJEU: Requirements for GDPR damage claims CJEU: Lawfulness of processing in case of Art.

Data protection 52

Data protection Court Law Law 52

Debevoise Data Blog

OCTOBER 20, 2023

The CMA further highlighted that transparency around the data used to train FMs is critical to reducing bias and improving accuracy of outputs, and to ensuring accountability. Two areas that have been stressed previously in the data protection compliance context.

Data protection 52

Data protection Intellectual Property Compliance Law 52

Ikigai Law

AUGUST 3, 2023

Our summary of the Digital Personal Data Protection Bill, 2023 The Digital Personal Data Protection Bill, 2023 ( 2023 Bill ) was tabled in Parliament on 3 August 2023. It is the fifth – and likely final – iteration of India’s efforts to formulate a personal data protection law.

Data protection 52

Data protection Compliance e-filing Hearing 52

Legal IT Group

SEPTEMBER 15, 2023

International data transfers in GDPR compliance are complex, as data are transferred to third countries outside the European Union (EU) or the European Economic Area (EEA). Suppose you are interested in personal data protection issues. What should the DTIA note for transferring personal data from the EU to Ukraine?

Data protection 52

Data protection Compliance Court Law 52

Ikigai Law

AUGUST 11, 2023

“If you don’t see me in half a decade, just wait a little longer” – India’s data protection bill ( circa 2018 ) On 9 th August, the Digital Personal Data Protection Bill, 2023 was finally passed in the Parliament. The finish line – the new data bill What stood out?

Data protection 52

Data protection Law Law 52

Legal Tech Monitor

MARCH 9, 2023

Lawyers expect a wave of demand for advice from companies that need to strengthen their internal safeguards in order to avoid fines and restrictions on handling personal information

Data protection 59

Data protection Lawyer 59

LLRX

FEBRUARY 29, 2024

It serves as an offensive and a defensive measure, safeguarding individuals from falling prey to scams, promoting data protection education, and empowering individuals to protect their digital security. Scam baiting is the practice of engaging with scammers to expose their tactics and disrupt their operations.

Data protection 116

Data protection Legal research 116

Inside Privacy

APRIL 28, 2023

Following a number of complaints, the European Data Protection Supervisor (‘EDPS’) decided that the SRB shared pseudonymized personal data with the consulting firm without informing the affected individuals of this sharing. Before sharing the responses, SRB replaced the name of each respondent with a code.

Court 137

Court Data protection 137

Eric Goldman

APRIL 28, 2023

Among their targets were the Data Protection Impact Assessment requirements, which NetChoice argued amounted to prior restraint and compelled speech. The bill describes the following obligations for in-scope businesses: Data Protection Impact Assessments. I will reiterate some of the major lowlights in this post.

Data protection 133

Data protection Court Hearing Judge 133

Eric Goldman

MARCH 15, 2023

Here is the notice I recently received: If you can’t read the image, here’s what it says: __ Notice of European data protection law removal from Google Search To: Webmaster of [link] Due to a request under the data protection law in Europe, Google can no longer show one or more pages from your site in Google Search results.

Data protection 105

Data protection Law Law 105

Kevin O'Keefe

FEBRUARY 25, 2024

Privacy and Data Protection: Advising on compliance with data protection laws, including GDPR in Europe and CCPA in California, especially for AI systems that process personal data. Searching some law firm sites I found thirty or forty articles on AI in these various formats over the last four or five months.

Law firm 130

Law firm Intellectual Property Data protection Compliance 130

CaseFox

MAY 30, 2023

In today’s digital age, data security is a critical concern for law firms. As custodians of sensitive client information, law firms must take proactive measures to safeguard data from cyber threats and ensure compliance with data protection regulations.

Law firm 98

Law firm Data protection Law Law 98

Inside Privacy

FEBRUARY 20, 2024

On February 13, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on the notion of “main establishment” of a controller in the context of Article 4(16)(a) of GDPR. This blog post was drafted with the contribution of Diane Valat.)

Data protection 81

Data protection Law Law 81

Inside Privacy

MARCH 15, 2023

On February 28, 2023, the European Data Protection Board (“EDPB”) released its non-binding opinion on the European Commission’s draft adequacy decision on the EU-U.S. Data Privacy Framework (“DPF”). law to access the personal data of EU data subjects. The EDPB notes that onward transfers of data by U.S.

Data protection 74

Data protection Court Law Law 74

MatterSuite

JUNE 1, 2023

In this blog, we will explore the essential elements of data security that every legal department should know of. Top Security Essentials You Need to Know The regulatory landscape governing data protection. Here are the top practical strategies to enhance data security within your legal practice.

Intellectual Property 98

Intellectual Property Data protection Compliance Law firm 98

MatterSuite

JUNE 1, 2023

In this blog, we will explore the essential elements of data security that every legal department should know of. Top Security Essentials You Need to Know The regulatory landscape governing data protection. Here are the top practical strategies to enhance data security within your legal practice.

Intellectual Property 98

Intellectual Property Data protection Compliance Law firm 98

Inside Privacy

MARCH 9, 2023

On March 7, 2023, the Irish Data Protection Commission (“DPC”) published its annual report for 2022. The report reflects the DPC’s reputation as both an active enforcer of the General Data Protection Regulation (“GDPR”) and a contributor to policy development at national and EU levels.

Data protection 74

Data protection Litigator Litigation 74

Technology Law Dispatch

OCTOBER 20, 2023

The Guidance provides advice to companies to help them comply with their obligations under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018) when monitoring anyone who performs work on their behalf.

Data protection 72

Data protection Law Law 72